X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/libsecurity_keychain/lib/SecTrustPriv.h diff --git a/libsecurity_keychain/lib/SecTrustPriv.h b/libsecurity_keychain/lib/SecTrustPriv.h deleted file mode 100644 index 2244a018..00000000 --- a/libsecurity_keychain/lib/SecTrustPriv.h +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Copyright (c) 2003-2010 Apple Inc. All Rights Reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - -/*! - @header SecTrustPriv - Private part of SecTrust.h -*/ - -#ifndef _SECURITY_SECTRUST_PRIV_H_ -#define _SECURITY_SECTRUST_PRIV_H_ - -#include -#include -#include - - -#if defined(__cplusplus) -extern "C" { -#endif - -/* - unique keychain item attributes for user trust records. -*/ -enum { - kSecTrustCertAttr = 'tcrt', - kSecTrustPolicyAttr = 'tpol', - /* Leopard and later */ - kSecTrustPubKeyAttr = 'tpbk', - kSecTrustSignatureAttr = 'tsig' -}; - -/*! - @function SecTrustGetUserTrust - @abstract Gets the user-specified trust settings of a certificate and policy. - @param certificate A reference to a certificate. - @param policy A reference to a policy. - @param trustSetting On return, a pointer to the user specified trust settings. - @result A result code. See "Security Error Codes" (SecBase.h). - @availability Mac OS X version 10.4. Deprecated in Mac OS X version 10.5. -*/ -OSStatus SecTrustGetUserTrust(SecCertificateRef certificate, SecPolicyRef policy, SecTrustUserSetting *trustSetting) - /*DEPRECATED_IN_MAC_OS_X_VERSION_10_5_AND_LATER*/; - -/*! - @function SecTrustSetUserTrust - @abstract Sets the user-specified trust settings of a certificate and policy. - @param certificate A reference to a certificate. - @param policy A reference to a policy. - @param trustSetting The user-specified trust settings. - @result A result code. See "Security Error Codes" (SecBase.h). - @availability Mac OS X version 10.4. Deprecated in Mac OS X version 10.5. - @discussion as of Mac OS version 10.5, this will result in a call to - SecTrustSettingsSetTrustSettings(). -*/ -OSStatus SecTrustSetUserTrust(SecCertificateRef certificate, SecPolicyRef policy, SecTrustUserSetting trustSetting) - /*DEPRECATED_IN_MAC_OS_X_VERSION_10_5_AND_LATER*/; - -/*! - @function SecTrustSetUserTrustLegacy - @abstract Sets the user-specified trust settings of a certificate and policy. - @param certificate A reference to a certificate. - @param policy A reference to a policy. - @param trustSetting The user-specified trust settings. - @result A result code. See "Security Error Codes" (SecBase.h). - - @This is the private version of what used to be SecTrustSetUserTrust(); it operates - on UserTrust entries as that function used to. The current SecTrustSetUserTrust() - function operated on Trust Settings. -*/ -OSStatus SecTrustSetUserTrustLegacy(SecCertificateRef certificate, SecPolicyRef policy, SecTrustUserSetting trustSetting); - -/*! - @function SecTrustGetCSSMAnchorCertificates - @abstract Retrieves the CSSM anchor certificates. - @param cssmAnchors A pointer to an array of anchor certificates. - @param cssmAnchorCount A pointer to the number of certificates in anchors. - @result A result code. See "Security Error Codes" (SecBase.h). - @availability Mac OS X version 10.4. Deprecated in Mac OS X version 10.5. -*/ -OSStatus SecTrustGetCSSMAnchorCertificates(const CSSM_DATA **cssmAnchors, uint32 *cssmAnchorCount) - /*DEPRECATED_IN_MAC_OS_X_VERSION_10_5_AND_LATER*/; - -/*! - @function SecTrustCopyExtendedResult - @abstract Gets the extended trust result after an evaluation has been performed. - @param trust A trust reference. - @param result On return, result points to a CFDictionaryRef containing extended trust results (if no error occurred). - The caller is responsible for releasing this dictionary with CFRelease when finished with it. - @result A result code. See "Security Error Codes" (SecBase.h). - @discussion This function may only be used after SecTrustEvaluate has been called for the trust reference, otherwise - errSecTrustNotAvailable is returned. If the certificate is not an extended validation certificate, there is - no extended result data and errSecDataNotAvailable is returned. Currently, only one dictionary key is defined - (kSecEVOrganizationName). - - Note: this function will be deprecated in a future release of OS X. Your - code should use SecTrustCopyResult to obtain the trust results dictionary. -*/ -OSStatus SecTrustCopyExtendedResult(SecTrustRef trust, CFDictionaryRef *result) - __OSX_AVAILABLE_STARTING(__MAC_10_5, __IPHONE_NA); - - -/*! - @enum Trust Result Constants - @discussion Predefined key constants used to obtain values in a - dictionary of trust evaluation results for a certificate chain, - as retrieved from a call to SecTrustCopyResult. - - @constant kSecTrustResultDetails - This key will be present if a trust evaluation has been performed. - Its value is a CFArrayRef of CFDictionaryRef representing detailed - status info for each certificate in the completed chain. - */ -extern CFTypeRef kSecTrustResultDetails - __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_NA); - - -/* - * Preference-related strings for Revocation policies. - */ - -/* - * Preference domain, i.e., the name of a plist in ~/Library/Preferences or in - * /Library/Preferences - */ -#define kSecRevocationDomain "com.apple.security.revocation" - -/* OCSP and CRL style keys, followed by values used for both of them */ -#define kSecRevocationOcspStyle CFSTR("OCSPStyle") -#define kSecRevocationCrlStyle CFSTR("CRLStyle") - #define kSecRevocationOff CFSTR("None") /* default for each one */ - #define kSecRevocationBestAttempt CFSTR("BestAttempt") - #define kSecRevocationRequireIfPresent CFSTR("RequireIfPresent") - #define kSecRevocationRequireForAll CFSTR("RequireForAll") - -/* Which first if both enabled? */ -#define kSecRevocationWhichFirst CFSTR("RevocationFirst") - #define kSecRevocationOcspFirst CFSTR("OCSP") - #define kSecRevocationCrlFirst CFSTR("CRL") - -/* boolean: A "this policy is sufficient per cert" for each */ -#define kSecRevocationOCSPSufficientPerCert CFSTR("OCSPSufficientPerCert") -#define kSecRevocationCRLSufficientPerCert CFSTR("CRLSufficientPerCert") - -/* local OCSP responder URI, value arbitrary string value */ -#define kSecOCSPLocalResponder CFSTR("OCSPLocalResponder") - -/* Extended trust result keys (now in public API) */ -#define kSecEVOrganizationName kSecTrustOrganizationName -#define kSecTrustExpirationDate kSecTrustRevocationValidUntilDate - -#if defined(__cplusplus) -} -#endif - -#endif /* !_SECURITY_SECTRUST_PRIV_H_ */