2 * Copyright (c) 2018-2020 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 #include <CoreFoundation/CoreFoundation.h>
27 #include "../utilities/SecFileLocations.h"
29 #include "../sec/ipc/securityd_client.h"
30 #include "trust/trustd/SecPolicyServer.h"
31 #include "trust/trustd/SecTrustServer.h"
32 #include "trust/trustd/SecTrustStoreServer.h"
33 #include "trust/trustd/SecOCSPCache.h"
34 #include "trust/trustd/OTATrustUtilities.h"
35 #include "trust/trustd/SecTrustLoggingServer.h"
36 #include "trust/trustd/SecRevocationDb.h"
37 #include "trust/trustd/SecPinningDb.h"
38 #include "trustd_spi.h"
41 #include "trust/trustd/macOS/SecTrustOSXEntryPoints.h"
45 #include "trust/trustd/SecTrustExceptionResetCount.h"
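/*
 * trustd_spi binds each slot of `struct trustd` to the function that
 * implements it. trustd_init_server() publishes the table by storing its
 * address in gTrustd.
 *
 * Review notes:
 *  - The table only wires names to implementations; nothing here authorizes
 *    a caller. Judging by their names, the set/remove/flush/increment slots
 *    change trust state (trust settings, CT exceptions, CA revocation
 *    additions, the exception reset count, the OCSP cache). Presumably the
 *    IPC layer checks the client's entitlements before dispatching to them;
 *    confirm against the server-side dispatch code.
 *  - NOTE(review): this listing was recovered from a rendered page. Its line
 *    numbering skips the line directly before and directly after the two
 *    exception-reset-count entries, and the lines after the last entry. A
 *    preprocessor guard may have been lost there, so check the original file
 *    before building from this text. The closing "};" is restored because the
 *    initializer cannot end without it.
 */
struct trustd trustd_spi = {
    /* Trust store: lookup and mutation. */
    .sec_trust_store_for_domain                   = SecTrustStoreForDomainName,
    .sec_trust_store_contains                     = SecTrustStoreContainsCertificateWithDigest,
    .sec_trust_store_set_trust_settings           = _SecTrustStoreSetTrustSettings,
    .sec_trust_store_remove_certificate           = SecTrustStoreRemoveCertificateWithDigest,
    .sec_truststore_remove_all                    = _SecTrustStoreRemoveAll,

    /* Trust evaluation entry point. */
    .sec_trust_evaluate                           = SecTrustServerEvaluate,

    /* OTA PKI assets: versions, escrow certificates, CT logs, asset refresh. */
    .sec_ota_pki_trust_store_version              = SecOTAPKIGetCurrentTrustStoreVersion,
    .sec_ota_pki_asset_version                    = SecOTAPKIGetCurrentAssetVersion,
    .ota_CopyEscrowCertificates                   = SecOTAPKICopyCurrentEscrowCertificates,
    .sec_ota_pki_copy_trusted_ct_logs             = SecOTAPKICopyCurrentTrustedCTLogs,
    .sec_ota_pki_copy_ct_log_for_keyid            = SecOTAPKICopyCTLogForKeyID,
    .sec_ota_pki_get_new_asset                    = SecOTAPKISignalNewAsset,
    .sec_ota_secexperiment_get_new_asset          = SecOTASecExperimentGetNewAsset,
    .sec_ota_secexperiment_get_asset              = SecOTASecExperimentCopyAsset,

    /* Trust store: enumeration and usage constraints. */
    .sec_trust_store_copy_all                     = _SecTrustStoreCopyAll,
    .sec_trust_store_copy_usage_constraints       = _SecTrustStoreCopyUsageConstraints,

    /* Revocation cache and analytics. */
    .sec_ocsp_cache_flush                         = SecOCSPCacheFlush,
    .sec_networking_analytics_report              = SecNetworkingAnalyticsReport,

    /* Certificate Transparency exceptions. */
    .sec_trust_store_set_ct_exceptions            = _SecTrustStoreSetCTExceptions,
    .sec_trust_store_copy_ct_exceptions           = _SecTrustStoreCopyCTExceptions,

    /* Exception reset counter (see the note above about a possibly lost guard). */
    .sec_trust_get_exception_reset_count          = SecTrustServerGetExceptionResetCount,
    .sec_trust_increment_exception_reset_count    = SecTrustServerIncrementExceptionResetCount,

    /* CA revocation additions and revocation database update. */
    .sec_trust_store_set_ca_revocation_additions  = _SecTrustStoreSetCARevocationAdditions,
    .sec_trust_store_copy_ca_revocation_additions = _SecTrustStoreCopyCARevocationAdditions,
    .sec_valid_update                             = SecRevocationDbUpdate,
};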
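/*
 * Hands the caller-supplied home directory URL to SetCustomHomeURL().
 *
 * home_path: URL passed through unchanged.
 *
 * NOTE(review): presumably this redirects where trustd locates its on-disk
 * state, so the value should come from trusted launch configuration and
 * never from an IPC client; confirm against the callers.
 *
 * NOTE(review): this listing was recovered from a rendered page whose line
 * numbering skips lines inside this function (before the call and after
 * it), so statements such as a guard on home_path or a follow-up
 * initialisation call may be missing. Only the closing brace is restored
 * here; check the original file before relying on this body.
 */
void trustd_init(CFURLRef home_path) {
    SetCustomHomeURL(home_path);
}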
89 void trustd_init_server(void) {
91 gTrustd
= &trustd_spi
;
92 SecPolicyServerInitialize();
93 SecRevocationDbInitialize();
94 SecPinningDbInitialize();
96 SecTrustLegacySourcesListenForKeychainEvents(); // set up the legacy keychain event listeners (for cache invalidation)