summaryrefslogtreecommitdiffstats
path: root/src/danessl.h
blob: 1d6439e2f3482862ec6831f2dfbfa270077b6f88 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
/*
 *  Author: Viktor Dukhovni
 *  License: THIS CODE IS IN THE PUBLIC DOMAIN.
 */
#ifndef HEADER_DANESSL_H
#define HEADER_DANESSL_H

#include <stdint.h>
#include <openssl/ssl.h>

/*-
 * Certificate usages:
 * https://tools.ietf.org/html/rfc6698#section-2.1.1
 */
#define DANESSL_USAGE_PKIX_TA	0
#define DANESSL_USAGE_PKIX_EE	1
#define DANESSL_USAGE_DANE_TA	2
#define DANESSL_USAGE_DANE_EE	3
#define DANESSL_USAGE_LAST		DANESSL_USAGE_DANE_EE

/*-
 * Selectors:
 * https://tools.ietf.org/html/rfc6698#section-2.1.2
 */
#define DANESSL_SELECTOR_CERT		0
#define DANESSL_SELECTOR_SPKI		1
#define DANESSL_SELECTOR_LAST		DANESSL_SELECTOR_SPKI

/*-
 * Matching types:
 * https://tools.ietf.org/html/rfc6698#section-2.1.3
 */
#define DANESSL_MATCHING_FULL		0
#define DANESSL_MATCHING_2256		1
#define DANESSL_MATCHING_2512		2
#define DANESSL_MATCHING_LAST		DANESSL_MATCHING_2512

extern int DANESSL_library_init(void);
extern int DANESSL_CTX_init(SSL_CTX *);
extern int DANESSL_init(SSL *, const char *, const char **);
extern void DANESSL_cleanup(SSL *);
extern int DANESSL_add_tlsa(SSL *, uint8_t, uint8_t, const char *,
			    unsigned const char *, size_t);
extern int DANESSL_get_match_cert(SSL *, X509 **, const char **, int *);
extern int DANESSL_verify_chain(SSL *, STACK_OF(X509) *);

#endif