]> git.saurik.com Git - apple/security.git/blob - OSX/sec/Security/SecTrust.h
Security-57337.50.23.tar.gz
[apple/security.git] / OSX / sec / Security / SecTrust.h
1 /*
2 * Copyright (c) 2002-2010,2012-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*!
25 @header SecTrust
26 The functions and data types in SecTrust implement trust computation
27 and allow the caller to apply trust decisions to the evaluation.
28 */
29
30 #ifndef _SECURITY_SECTRUST_H_
31 #define _SECURITY_SECTRUST_H_
32
33 #include <Security/SecBase.h>
34 #include <CoreFoundation/CoreFoundation.h>
35 #include <AvailabilityMacros.h>
36
37 __BEGIN_DECLS
38
39 CF_ASSUME_NONNULL_BEGIN
40 CF_IMPLICIT_BRIDGING_ENABLED
41
42 /*!
43 @typedef SecTrustResultType
44 @abstract Specifies the trust result type.
45 @discussion SecTrustResultType results have two dimensions. They specify
46 both whether evaluation suceeded and whether this is because of a user
47 decision. The commonly expected result is kSecTrustResultUnspecified,
48 which indicates a positive result that wasn't decided by the user. The
49 common failure is kSecTrustResultRecoverableTrustFailure, which means a
50 negative result. kSecTrustResultProceed and kSecTrustResultDeny are the
51 positive and negative result respectively when decided by the user. User
52 decisions are persisted through the use of SecTrustCopyExceptions() and
53 SecTrustSetExceptions(). Finally, kSecTrustResultFatalTrustFailure is a
54 negative result that must not be circumvented.
55 @constant kSecTrustResultInvalid Indicates an invalid setting or result.
56 This result usually means that SecTrustEvaluate has not yet been called.
57 @constant kSecTrustResultProceed Indicates you may proceed. This value
58 may be returned by the SecTrustEvaluate function or stored as part of
59 the user trust settings.
60 @constant kSecTrustResultConfirm Indicates confirmation with the user
61 is required before proceeding. Important: this value is no longer returned
62 or supported by SecTrustEvaluate or the SecTrustSettings API starting in
63 OS X 10.5; its use is deprecated in OS X 10.9 and later, as well as in iOS.
64 @constant kSecTrustResultDeny Indicates a user-configured deny; do not
65 proceed. This value may be returned by the SecTrustEvaluate function
66 or stored as part of the user trust settings.
67 @constant kSecTrustResultUnspecified Indicates the evaluation succeeded
68 and the certificate is implicitly trusted, but user intent was not
69 explicitly specified. This value may be returned by the SecTrustEvaluate
70 function or stored as part of the user trust settings.
71 @constant kSecTrustResultRecoverableTrustFailure Indicates a trust policy
72 failure which can be overridden by the user. This value may be returned
73 by the SecTrustEvaluate function but not stored as part of the user
74 trust settings.
75 @constant kSecTrustResultFatalTrustFailure Indicates a trust failure
76 which cannot be overridden by the user. This value may be returned by the
77 SecTrustEvaluate function but not stored as part of the user trust
78 settings.
79 @constant kSecTrustResultOtherError Indicates a failure other than that
80 of trust evaluation. This value may be returned by the SecTrustEvaluate
81 function but not stored as part of the user trust settings.
82 */
83 typedef uint32_t SecTrustResultType;
84 enum {
85 kSecTrustResultInvalid = 0,
86 kSecTrustResultProceed = 1,
87 kSecTrustResultConfirm SEC_DEPRECATED_ATTRIBUTE = 2,
88 kSecTrustResultDeny = 3,
89 kSecTrustResultUnspecified = 4,
90 kSecTrustResultRecoverableTrustFailure = 5,
91 kSecTrustResultFatalTrustFailure = 6,
92 kSecTrustResultOtherError = 7
93 };
94
95 /*!
96 @typedef SecTrustRef
97 @abstract CFType used for performing X.509 certificate trust evaluations.
98 */
99 typedef struct CF_BRIDGED_TYPE(id) __SecTrust *SecTrustRef;
100
101 /*!
102 @enum Trust Property Constants
103 @discussion Predefined key constants used to obtain values in a
104 per-certificate dictionary of trust evaluation results,
105 as retrieved from a call to SecTrustCopyProperties.
106 @constant kSecPropertyTypeTitle Specifies a key whose value is a
107 CFStringRef containing the title (display name) of this certificate.
108 @constant kSecPropertyTypeError Specifies a key whose value is a
109 CFStringRef containing the reason for a trust evaluation failure.
110 */
111 extern const CFStringRef kSecPropertyTypeTitle
112 __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_7_0);
113 extern const CFStringRef kSecPropertyTypeError
114 __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_7_0);
115
116 /*!
117 @enum Trust Result Constants
118 @discussion Predefined key constants used to obtain values in a
119 dictionary of trust evaluation results for a certificate chain,
120 as retrieved from a call to SecTrustCopyResult.
121 @constant kSecTrustEvaluationDate
122 This key will be present if a trust evaluation has been performed
123 and results are available. Its value is a CFDateRef representing
124 when the evaluation for this trust object took place.
125 @constant kSecTrustExtendedValidation
126 This key will be present and have a value of kCFBooleanTrue
127 if this chain was validated for EV.
128 @constant kSecTrustOrganizationName
129 Organization name field of subject of leaf certificate. This
130 field is meant to be displayed to the user as the validated
131 name of the company or entity that owns the certificate if the
132 kSecTrustExtendedValidation key is present.
133 @constant kSecTrustResultValue
134 This key will be present if a trust evaluation has been performed.
135 Its value is a CFNumberRef representing the SecTrustResultType result
136 for the evaluation.
137 @constant kSecTrustRevocationChecked
138 This key will be present iff this chain had its revocation checked.
139 The value will be a kCFBooleanTrue if revocation checking was
140 successful and none of the certificates in the chain were revoked.
141 The value will be kCFBooleanFalse if no current revocation status
142 could be obtained for one or more certificates in the chain due
143 to connection problems or timeouts. This is a hint to a client
144 to retry revocation checking at a later time.
145 @constant kSecTrustRevocationValidUntilDate
146 This key will be present iff kSecTrustRevocationChecked has a
147 value of kCFBooleanTrue. The value will be a CFDateRef representing
148 the earliest date at which the revocation info for one of the
149 certificates in this chain might change.
150 @constant kSecTrustCertificateTransparency
151 This key will be present and have a value of kCFBooleanTrue
152 if this chain is CT qualified.
153
154 */
155 extern const CFStringRef kSecTrustEvaluationDate
156 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
157 extern const CFStringRef kSecTrustExtendedValidation
158 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
159 extern const CFStringRef kSecTrustOrganizationName
160 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
161 extern const CFStringRef kSecTrustResultValue
162 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
163 extern const CFStringRef kSecTrustRevocationChecked
164 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
165 extern const CFStringRef kSecTrustRevocationValidUntilDate
166 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
167 extern const CFStringRef kSecTrustCertificateTransparency
168 __OSX_AVAILABLE_STARTING(__MAC_10_11, __IPHONE_9_0);
169
170 #ifdef __BLOCKS__
171 /*!
172 @typedef SecTrustCallback
173 @abstract Delivers the result from an asynchronous trust evaluation.
174 @param trustRef A reference to the trust object which has been evaluated.
175 @param trustResult The trust result of the evaluation. Additional status
176 information can be obtained by calling SecTrustCopyProperties().
177 */
178 typedef void (^SecTrustCallback)(SecTrustRef trustRef, SecTrustResultType trustResult);
179 #endif /* __BLOCKS__ */
180
181
182 /*!
183 @function SecTrustGetTypeID
184 @abstract Returns the type identifier of SecTrust instances.
185 @result The CFTypeID of SecTrust instances.
186 */
187 CFTypeID SecTrustGetTypeID(void)
188 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_2_0);
189
190 /*!
191 @function SecTrustCreateWithCertificates
192 @abstract Creates a trust object based on the given certificates and
193 policies.
194 @param certificates The group of certificates to verify. This can either
195 be a CFArrayRef of SecCertificateRef objects or a single SecCertificateRef
196 @param policies An array of one or more policies. You may pass a
197 SecPolicyRef to represent a single policy.
198 @param trust On return, a pointer to the trust management reference.
199 @result A result code. See "Security Error Codes" (SecBase.h).
200 @discussion If multiple policies are passed in, all policies must verify
201 for the chain to be considered valid.
202 */
203 OSStatus SecTrustCreateWithCertificates(CFTypeRef certificates,
204 CFTypeRef __nullable policies, SecTrustRef * __nonnull CF_RETURNS_RETAINED trust)
205 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_2_0);
206
207 /*!
208 @function SecTrustSetPolicies
209 @abstract Set the policies for which trust should be verified.
210 @param trust A trust reference.
211 @param policies An array of one or more policies. You may pass a
212 SecPolicyRef to represent a single policy.
213 @result A result code. See "Security Error Codes" (SecBase.h).
214 @discussion This function will invalidate the existing trust result,
215 requiring a fresh evaluation for the newly-set policies.
216 */
217 OSStatus SecTrustSetPolicies(SecTrustRef trust, CFTypeRef policies)
218 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_6_0);
219
220 /*!
221 @function SecTrustCopyPolicies
222 @abstract Returns an array of policies used for this evaluation.
223 @param trust A reference to a trust object.
224 @param policies On return, an array of policies used by this trust.
225 Call the CFRelease function to release this reference.
226 @result A result code. See "Security Error Codes" (SecBase.h).
227 */
228 OSStatus SecTrustCopyPolicies(SecTrustRef trust, CFArrayRef * __nonnull CF_RETURNS_RETAINED policies)
229 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_7_0);
230
231 /*!
232 @function SecTrustSetNetworkFetchAllowed
233 @abstract Specifies whether a trust evaluation is permitted to fetch missing
234 intermediate certificates from the network.
235 @param trust A trust reference.
236 @param allowFetch If true, and a certificate's issuer is not present in the
237 trust reference but its network location is known, the evaluation is permitted
238 to attempt to download it automatically. Pass false to disable network fetch
239 for this trust evaluation.
240 @result A result code. See "Security Error Codes" (SecBase.h).
241 @discussion By default, network fetch of missing certificates is enabled if
242 the trust evaluation includes the SSL policy, otherwise it is disabled.
243 */
244 OSStatus SecTrustSetNetworkFetchAllowed(SecTrustRef trust,
245 Boolean allowFetch)
246 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
247
248 /*!
249 @function SecTrustGetNetworkFetchAllowed
250 @abstract Returns whether a trust evaluation is permitted to fetch missing
251 intermediate certificates from the network.
252 @param trust A trust reference.
253 @param allowFetch On return, the boolean pointed to by this parameter is
254 set to true if the evaluation is permitted to download missing certificates.
255 @result A result code. See "Security Error Codes" (SecBase.h).
256 @discussion By default, network fetch of missing certificates is enabled if
257 the trust evaluation includes the SSL policy, otherwise it is disabled.
258 */
259 OSStatus SecTrustGetNetworkFetchAllowed(SecTrustRef trust,
260 Boolean *allowFetch)
261 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
262
263 /*!
264 @function SecTrustSetAnchorCertificates
265 @abstract Sets the anchor certificates for a given trust.
266 @param trust A reference to a trust object.
267 @param anchorCertificates An array of anchor certificates.
268 @result A result code. See "Security Error Codes" (SecBase.h).
269 @discussion Calling this function without also calling
270 SecTrustSetAnchorCertificatesOnly() will disable trusting any
271 anchors other than the ones in anchorCertificates.
272 */
273 OSStatus SecTrustSetAnchorCertificates(SecTrustRef trust,
274 CFArrayRef anchorCertificates)
275 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_2_0);
276
277 /*!
278 @function SecTrustSetAnchorCertificatesOnly
279 @abstract Reenables trusting anchor certificates in addition to those
280 passed in via the SecTrustSetAnchorCertificates API.
281 @param trust A reference to a trust object.
282 @param anchorCertificatesOnly If true, disables trusting any anchors other
283 than the ones passed in via SecTrustSetAnchorCertificates(). If false,
284 the built in anchor certificates are also trusted.
285 @result A result code. See "Security Error Codes" (SecBase.h).
286 */
287 OSStatus SecTrustSetAnchorCertificatesOnly(SecTrustRef trust,
288 Boolean anchorCertificatesOnly)
289 __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
290
291 /*!
292 @function SecTrustCopyCustomAnchorCertificates
293 @abstract Returns an array of custom anchor certificates used by a given
294 trust, as set by a prior call to SecTrustSetAnchorCertificates, or NULL if
295 no custom anchors have been specified.
296 @param trust A reference to a trust object.
297 @param anchors On return, an array of custom anchor certificates (roots)
298 used by this trust, or NULL if no custom anchors have been specified. Call
299 the CFRelease function to release this reference.
300 @result A result code. See "Security Error Codes" (SecBase.h).
301 */
302 OSStatus SecTrustCopyCustomAnchorCertificates(SecTrustRef trust,
303 CFArrayRef * __nonnull CF_RETURNS_RETAINED anchors)
304 __OSX_AVAILABLE_STARTING(__MAC_10_5, __IPHONE_7_0);
305
306 /*!
307 @function SecTrustSetVerifyDate
308 @abstract Set the date for which the trust should be verified.
309 @param trust A reference to a trust object.
310 @param verifyDate The date for which to verify trust.
311 @result A result code. See "Security Error Codes" (SecBase.h).
312 @discussion This function lets you evaluate certificate validity for a
313 given date (for example, to determine if a signature was valid on the date
314 it was signed, even if the certificate has since expired.) If this function
315 is not called, the time at which SecTrustEvaluate() is called is used
316 implicitly as the verification time.
317 */
318 OSStatus SecTrustSetVerifyDate(SecTrustRef trust, CFDateRef verifyDate)
319 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_2_0);
320
321 /*!
322 @function SecTrustGetVerifyTime
323 @abstract Returns the verify time.
324 @param trust A reference to the trust object being verified.
325 @result A CFAbsoluteTime value representing the time at which certificates
326 should be checked for validity.
327 @discussion This function retrieves the verification time for the given
328 trust reference, as set by a prior call to SecTrustSetVerifyDate(). If the
329 verification time has not been set, this function returns a value of 0,
330 indicating that the current date/time is implicitly used for verification.
331 */
332 CFAbsoluteTime SecTrustGetVerifyTime(SecTrustRef trust)
333 __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
334
335 /*!
336 @function SecTrustEvaluate
337 @abstract Evaluates a trust reference synchronously.
338 @param trust A reference to the trust object to evaluate.
339 @param result A pointer to a result type.
340 @result A result code. See "Security Error Codes" (SecBase.h).
341 @discussion This function will completely evaluate trust before returning,
342 possibly including network access to fetch intermediate certificates or to
343 perform revocation checking. Since this function can block during those
344 operations, you should call it from within a function that is placed on a
345 dispatch queue, or in a separate thread from your application's main
346 run loop. Alternatively, you can use the SecTrustEvaluateAsync function.
347 */
348 OSStatus SecTrustEvaluate(SecTrustRef trust, SecTrustResultType * __nullable result)
349 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_2_0);
350
351 #ifdef __BLOCKS__
352 /*!
353 @function SecTrustEvaluateAsync
354 @abstract Evaluates a trust reference asynchronously.
355 @param trust A reference to the trust object to evaluate.
356 @param queue A dispatch queue on which the result callback should be
357 executed. Pass NULL to use the current dispatch queue.
358 @param result A SecTrustCallback block which will be executed when the
359 trust evaluation is complete.
360 @result A result code. See "Security Error Codes" (SecBase.h).
361 */
362 OSStatus SecTrustEvaluateAsync(SecTrustRef trust,
363 dispatch_queue_t __nullable queue, SecTrustCallback result)
364 __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_7_0);
365 #endif
366
367 /*!
368 @function SecTrustGetTrustResult
369 @param trust A reference to a trust object.
370 @param result A pointer to the result from the most recent call to
371 SecTrustEvaluate for this trust reference. If SecTrustEvaluate has not been
372 called or trust parameters have changed, the result is kSecTrustResultInvalid.
373 @result A result code. See "Security Error Codes" (SecBase.h).
374 @discussion This function replaces SecTrustGetResult for the purpose of
375 obtaining the current evaluation result of a given trust reference.
376 */
377 OSStatus SecTrustGetTrustResult(SecTrustRef trust,
378 SecTrustResultType *result)
379 __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_7_0);
380
381 /*!
382 @function SecTrustCopyPublicKey
383 @abstract Return the public key for a leaf certificate after it has
384 been evaluated.
385 @param trust A reference to the trust object which has been evaluated.
386 @result The certificate's public key, or NULL if it the public key could
387 not be extracted (this can happen with DSA certificate chains if the
388 parameters in the chain cannot be found). The caller is responsible
389 for calling CFRelease on the returned key when it is no longer needed.
390 */
391 __nullable
392 SecKeyRef SecTrustCopyPublicKey(SecTrustRef trust)
393 __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_2_0);
394
395 /*!
396 @function SecTrustGetCertificateCount
397 @abstract Returns the number of certificates in an evaluated certificate
398 chain.
399 @param trust A reference to a trust object.
400 @result The number of certificates in the trust chain, including the anchor.
401 @discussion Important: if the trust reference has not yet been evaluated,
402 this function will evaluate it first before returning. If speed is critical,
403 you may want to call SecTrustGetTrustResult first to make sure that a
404 result other than kSecTrustResultInvalid is present for the trust object.
405 */
406 CFIndex SecTrustGetCertificateCount(SecTrustRef trust)
407 __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_2_0);
408
409 /*!
410 @function SecTrustGetCertificateAtIndex
411 @abstract Returns a certificate from the trust chain.
412 @param trust Reference to a trust object.
413 @param ix The index of the requested certificate. Indices run from 0
414 (leaf) to the anchor (or last certificate found if no anchor was found).
415 The leaf cert (index 0) is always present regardless of whether the trust
416 reference has been evaluated or not.
417 @result A SecCertificateRef for the requested certificate.
418 */
419 __nullable
420 SecCertificateRef SecTrustGetCertificateAtIndex(SecTrustRef trust, CFIndex ix)
421 __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_2_0);
422
423 /*!
424 @function SecTrustCopyExceptions
425 @abstract Returns an opaque cookie which will allow future evaluations
426 of the current certificate to succeed.
427 @param trust A reference to an evaluated trust object.
428 @result An opaque cookie which when passed to SecTrustSetExceptions() will
429 cause a call to SecTrustEvaluate() return kSecTrustResultProceed. This
430 will happen upon subsequent evaluation of the current certificate unless
431 some new error starts happening that wasn't being reported when the cookie
432 was returned from this function (for example, if the certificate expires
433 then evaluation will start failing again until a new cookie is obtained.)
434 @discussion Normally this API should only be called once the errors have
435 been presented to the user and the user decided to trust the current
436 certificate chain regardless of the errors being presented, for the
437 current application/server/protocol combination.
438 */
439 CFDataRef SecTrustCopyExceptions(SecTrustRef trust)
440 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_4_0);
441
442 /*!
443 @function SecTrustSetExceptions
444 @abstract Set a trust cookie to be used for evaluating this certificate chain.
445 @param trust A reference to a trust object.
446 @param exceptions An exceptions cookie as returned by a call to
447 SecTrustCopyExceptions() in the past.
448 @result Upon calling SecTrustEvaluate(), any failures that where present at the
449 time the exceptions object was created are ignored, and instead of returning
450 kSecTrustResultRecoverableTrustFailure, kSecTrustResultProceed will be returned
451 (if the certificate for which exceptions was created matches the current leaf
452 certificate).
453 @result Returns true if the exceptions cookies was valid and matches the current
454 leaf certificate, false otherwise. This function will invalidate the existing
455 trust result, requiring a subsequent evaluation for the newly-set exceptions.
456 Note that this function returning true doesn't mean the caller can skip calling
457 SecTrustEvaluate, as there may be new errors since the exceptions cookie was
458 created (for example, a certificate may have subsequently expired.)
459 @discussion Clients of this interface will need to establish the context of this
460 exception to later decide when this exception cookie is to be used.
461 Examples of this context would be the server we are connecting to, the ssid
462 of the wireless network for which this cert is needed, the account for which
463 this cert should be considered valid, and so on.
464 */
465 bool SecTrustSetExceptions(SecTrustRef trust, CFDataRef exceptions)
466 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_4_0);
467
468 /*!
469 @function SecTrustCopyProperties
470 @abstract Return a property array for this trust evaluation.
471 @param trust A reference to a trust object. If the trust has not been
472 evaluated, the returned property array will be empty.
473 @result A property array. It is the caller's responsibility to CFRelease
474 the returned array when it is no longer needed.
475 @discussion This function returns an ordered array of CFDictionaryRef
476 instances for each certificate in the chain. Indices run from 0 (leaf) to
477 the anchor (or last certificate found if no anchor was found.) See the
478 "Trust Property Constants" section for a list of currently defined keys.
479 */
480 __nullable
481 CFArrayRef SecTrustCopyProperties(SecTrustRef trust)
482 __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_2_0);
483
484 /*!
485 @function SecTrustCopyResult
486 @abstract Returns a dictionary containing information about the
487 evaluated certificate chain for use by clients.
488 @param trust A reference to a trust object.
489 @result A dictionary with various fields that can be displayed to the user,
490 or NULL if no additional info is available or the trust has not yet been
491 validated. The caller is responsible for calling CFRelease on the value
492 returned when it is no longer needed.
493 @discussion Returns a dictionary for the overall trust evaluation. See the
494 "Trust Result Constants" section for a list of currently defined keys.
495 */
496 __nullable
497 CFDictionaryRef SecTrustCopyResult(SecTrustRef trust)
498 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
499
500 /*!
501 @function SecTrustSetOCSPResponse
502 @abstract Attach OCSPResponse data to a trust object.
503 @param trust A reference to a trust object.
504 @param responseData This may be either a CFData object containing a single
505 DER-encoded OCSPResponse (per RFC 2560), or a CFArray of these.
506 @result A result code. See "Security Error Codes" (SecBase.h).
507 @discussion Allows the caller to provide OCSPResponse data (which may be
508 obtained during a TLS/SSL handshake, per RFC 3546) as input to a trust
509 evaluation. If this data is available, it can obviate the need to contact
510 an OCSP server for current revocation information.
511 */
512 OSStatus SecTrustSetOCSPResponse(SecTrustRef trust, CFTypeRef __nullable responseData)
513 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
514
515 CF_IMPLICIT_BRIDGING_DISABLED
516 CF_ASSUME_NONNULL_END
517
518 /*
519 * Legacy functions (OS X only)
520 */
521 #if TARGET_OS_MAC && !TARGET_OS_IPHONE
522 #include <Security/cssmtype.h>
523 #include <Security/cssmapple.h>
524
525 CF_ASSUME_NONNULL_BEGIN
526 CF_IMPLICIT_BRIDGING_ENABLED
527
528 /*!
529 @typedef SecTrustUserSetting
530 @abstract Specifies a user-specified trust setting value.
531 @discussion Deprecated in OS X 10.9. User trust settings are managed by
532 functions in SecTrustSettings.h (starting with OS X 10.5), and by the
533 SecTrustCopyExceptions and SecTrustSetExceptions functions (starting with
534 iOS 4 and OS X 10.9). The latter two functions are recommended for both OS X
535 and iOS, as they avoid the need to explicitly specify these values.
536 */
537 typedef SecTrustResultType SecTrustUserSetting
538 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2, __MAC_10_9, __IPHONE_NA, __IPHONE_NA);
539
540 /*!
541 @typedef SecTrustOptionFlags
542 @abstract Options for customizing trust evaluation.
543 @constant kSecTrustOptionAllowExpired Allow expired certificates.
544 @constant kSecTrustOptionLeafIsCA Allow CA as leaf certificate.
545 @constant kSecTrustOptionFetchIssuerFromNet Allow network fetch of CA cert.
546 @constant kSecTrustOptionAllowExpiredRoot Allow expired roots.
547 @constant kSecTrustOptionRequireRevPerCert Require positive revocation
548 check per certificate.
549 @constant kSecTrustOptionUseTrustSettings Use TrustSettings instead of
550 anchors.
551 @constant kSecTrustOptionImplicitAnchors Properly self-signed certs are
552 treated as anchors implicitly.
553 */
554 typedef uint32_t SecTrustOptionFlags;
555 enum {
556 kSecTrustOptionAllowExpired = 0x00000001,
557 kSecTrustOptionLeafIsCA = 0x00000002,
558 kSecTrustOptionFetchIssuerFromNet = 0x00000004,
559 kSecTrustOptionAllowExpiredRoot = 0x00000008,
560 kSecTrustOptionRequireRevPerCert = 0x00000010,
561 kSecTrustOptionUseTrustSettings = 0x00000020,
562 kSecTrustOptionImplicitAnchors = 0x00000040
563 };
564
565 /*!
566 @function SecTrustSetOptions
567 @abstract Sets optional flags for customizing a trust evaluation.
568 @param trustRef A trust reference.
569 @param options Flags to change evaluation behavior for this trust.
570 @result A result code. See "Security Error Codes" (SecBase.h).
571 @discussion This function is not available on iOS. Use SecTrustSetExceptions
572 and SecTrustCopyExceptions to modify default trust results, and
573 SecTrustSetNetworkFetchAllowed to specify whether missing CA certificates
574 can be fetched from the network.
575 */
576 OSStatus SecTrustSetOptions(SecTrustRef trustRef, SecTrustOptionFlags options)
577 __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_NA);
578
579 /*!
580 @function SecTrustSetParameters
581 @abstract Sets the action and action data for a trust object.
582 @param trustRef The reference to the trust to change.
583 @param action A trust action.
584 @param actionData A reference to data associated with this action.
585 @result A result code. See "Security Error Codes" (SecBase.h).
586 @discussion This function is deprecated in OS X 10.7 and later, where it
587 was replaced by SecTrustSetOptions, and is not available on iOS. Your code
588 should use SecTrustSetExceptions and SecTrustCopyExceptions to modify default
589 trust results, and SecTrustSetNetworkFetchAllowed to specify whether missing
590 CA certificates can be fetched from the network.
591 */
592 OSStatus SecTrustSetParameters(SecTrustRef trustRef,
593 CSSM_TP_ACTION action, CFDataRef actionData)
594 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2, __MAC_10_7, __IPHONE_NA, __IPHONE_NA);
595
596 /*!
597 @function SecTrustSetKeychains
598 @abstract Sets the keychains for a given trust object.
599 @param trust A reference to a trust object.
600 @param keychainOrArray A reference to an array of keychains to search, a
601 single keychain, or NULL to use the default keychain search list.
602 @result A result code. See "Security Error Codes" (SecBase.h).
603 @discussion By default, the user's keychain search list and the system
604 anchors keychain are searched for certificates to complete the chain. You
605 can specify a zero-element array if you do not want any keychains searched.
606 Note: this function is not applicable to iOS.
607 */
608 OSStatus SecTrustSetKeychains(SecTrustRef trust, CFTypeRef __nullable keychainOrArray)
609 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_NA);
610
611 /*!
612 @function SecTrustGetResult
613 @abstract Returns detailed information on the outcome of an evaluation.
614 @param trustRef A reference to a trust object.
615 @param result A pointer to the result from the call to SecTrustEvaluate.
616 @param certChain On return, a pointer to the certificate chain used to
617 validate the input certificate. Call the CFRelease function to release
618 this pointer.
619 @param statusChain On return, a pointer to the status of the certificate
620 chain. Do not attempt to free this pointer; it remains valid until the
621 trust is destroyed or the next call to SecTrustEvaluate.
622 @result A result code. See "Security Error Codes" (SecBase.h).
623 @discussion This function is deprecated in OS X 10.7 and later,
624 and is not available on iOS.
625 To get the complete certificate chain, use SecTrustGetCertificateCount and
626 SecTrustGetCertificateAtIndex. To get detailed status information for each
627 certificate, use SecTrustCopyProperties. To get the overall trust result
628 for the evaluation, use SecTrustGetTrustResult.
629 */
630 OSStatus SecTrustGetResult(SecTrustRef trustRef, SecTrustResultType * __nullable result,
631 CFArrayRef * __nonnull CF_RETURNS_RETAINED certChain, CSSM_TP_APPLE_EVIDENCE_INFO * __nullable * __nonnull statusChain)
632 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2, __MAC_10_7, __IPHONE_NA, __IPHONE_NA);
633
634 /*!
635 @function SecTrustGetCssmResult
636 @abstract Gets the CSSM trust result.
637 @param trust A reference to a trust.
638 @param result On return, a pointer to the CSSM trust result.
639 @result A result code. See "Security Error Codes" (SecBase.h).
640 @discussion This function is deprecated in OS X 10.7 and later,
641 and is not available on iOS.
642 To get detailed status information for each certificate, use
643 SecTrustCopyProperties. To get the overall trust result for the evaluation,
644 use SecTrustGetTrustResult.
645 */
646 OSStatus SecTrustGetCssmResult(SecTrustRef trust,
647 CSSM_TP_VERIFY_CONTEXT_RESULT_PTR __nullable * __nonnull result)
648 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2, __MAC_10_7, __IPHONE_NA, __IPHONE_NA);
649
650 /*!
651 @function SecTrustGetCssmResultCode
652 @abstract Gets the result code from the most recent call to SecTrustEvaluate
653 for the specified trust.
654 @param trust A reference to a trust.
655 @param resultCode On return, the result code produced by the most recent
656 evaluation of the given trust (cssmerr.h). The value of resultCode is
657 undefined if SecTrustEvaluate has not been called.
658 @result A result code. See "Security Error Codes" (SecBase.h). Returns
659 errSecTrustNotAvailable if SecTrustEvaluate has not been called for the
660 specified trust.
661 @discussion This function is deprecated in OS X 10.7 and later,
662 and is not available on iOS.
663 To get detailed status information for each certificate, use
664 SecTrustCopyProperties. To get the overall trust result for the evaluation,
665 use SecTrustGetTrustResult.
666 */
667 OSStatus SecTrustGetCssmResultCode(SecTrustRef trust, OSStatus *resultCode)
668 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2, __MAC_10_7, __IPHONE_NA, __IPHONE_NA);
669
670 /*!
671 @function SecTrustGetTPHandle
672 @abstract Gets the CSSM trust handle
673 @param trust A reference to a trust.
674 @param handle On return, a CSSM trust handle.
675 @result A result code. See "Security Error Codes" (SecBase.h).
676 @discussion This function is deprecated in OS X 10.7 and later.
677 */
678 OSStatus SecTrustGetTPHandle(SecTrustRef trust, CSSM_TP_HANDLE *handle)
679 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2, __MAC_10_7, __IPHONE_NA, __IPHONE_NA);
680
681 /*!
682 @function SecTrustCopyAnchorCertificates
683 @abstract Returns an array of default anchor (root) certificates used by
684 the system.
685 @param anchors On return, an array containing the system's default anchors
686 (roots). Call the CFRelease function to release this pointer.
687 @result A result code. See "Security Error Codes" (SecBase.h).
688 @discussion This function is not available on iOS, as certificate data
689 for system-trusted roots is currently unavailable on that platform.
690 */
691 OSStatus SecTrustCopyAnchorCertificates(CFArrayRef * __nonnull CF_RETURNS_RETAINED anchors)
692 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_NA);
693
694 CF_IMPLICIT_BRIDGING_DISABLED
695 CF_ASSUME_NONNULL_END
696
697 #endif /* TARGET_OS_MAC && !TARGET_OS_IPHONE */
698
699 __END_DECLS
700
701 #endif /* !_SECURITY_SECTRUST_H_ */