]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_ssl/lib/sslCrypto.h
Security-57740.31.2.tar.gz
[apple/security.git] / OSX / libsecurity_ssl / lib / sslCrypto.h
1 /*
2 * Copyright (c) 2006-2008,2010-2012,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * sslCrypto.h - interface between SSL and crypto libraries
26 */
27
28 #ifndef _SSL_CRYPTO_H_
29 #define _SSL_CRYPTO_H_ 1
30
31 #include "ssl.h"
32 #include "sslContext.h"
33 #include <Security/SecKeyPriv.h>
34
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38
39 #ifndef NDEBUG
40 extern void stPrintCdsaError(const char *op, OSStatus crtn);
41 #else
42 #define stPrintCdsaError(o, cr)
43 #endif
44
45 /*
46 * Get algorithm id for a SSLPubKey object.
47 */
48 CFIndex sslPubKeyGetAlgorithmID(SecKeyRef pubKey);
49
50 /*
51 * Get algorithm id for a SSLPrivKey object.
52 */
53 CFIndex sslPrivKeyGetAlgorithmID(SecKeyRef privKey);
54
55 /*
56 * Create a new SecTrust object and return it.
57 */
58 OSStatus
59 sslCreateSecTrust(
60 SSLContext *ctx,
61 SecTrustRef *trust); /* RETURNED */
62
63 OSStatus sslVerifySelectedCipher(
64 SSLContext *ctx);
65
66 /* Convert DER certs to SecCertificateRefs */
67 CFArrayRef tls_get_peer_certs(const SSLCertificate *certs);
68
69 /*
70 * Set the pubkey after receiving the certificate
71 */
72 int tls_set_peer_pubkey(SSLContext *ctx);
73
74 /*
75 * Verify the peer cert chain (after receiving the server hello or client cert)
76 */
77 int tls_verify_peer_cert(SSLContext *ctx);
78
79
80 #
81 #ifdef __cplusplus
82 }
83 #endif
84
85
86 #endif /* _SSL_CRYPTO_H_ */