1/*
2 * Copyright (c) 2006-2009,2011-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24/*!
25	@header SecCertificate
26	The functions provided in SecCertificate.h implement and manage a
27    particular type of keychain item that represents a X.509 public key
28    certificate. You can store a certificate in a keychain, but a
29    certificate can also be a transient object.
30
31	You can use a certificate as a keychain item in most functions.
32*/
33
34#ifndef _SECURITY_SECCERTIFICATEP_H_
35#define _SECURITY_SECCERTIFICATEP_H_
36
37#include "SecBaseP.h"
38#include <CoreFoundation/CFData.h>
39#include <CoreFoundation/CFDate.h>
40
41#if defined(__cplusplus)
42extern "C" {
43#endif
44
45/*!
46	@function SecCertificateGetTypeIDP
47	@abstract Returns the type identifier of SecCertificate instances.
48	@result The CFTypeID of SecCertificate instances.
49*/
50CFTypeID SecCertificateGetTypeIDP(void)
51    __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_2_0);
52
53/*!
54	@function SecCertificateCreateWithDataP
55	@abstract Create a certificate given it's DER representation as a CFData.
56    @param allocator CFAllocator to allocate the certificate with.
57    @param certificate DER encoded X.509 certificate.
58	@result Return NULL if the passed-in data is not a valid DER-encoded
59    X.509 certificate, return a SecCertificateRef otherwise.
60*/
61SecCertificateRefP SecCertificateCreateWithDataP(CFAllocatorRef allocator,
62    CFDataRef data) __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
63
64/*!
65	@function SecCertificateCopyDataP
66	@abstract Return the DER representation of an X.509 certificate.
67    @param certificate SecCertificate object created with
68    SecCertificateCreateWithDataP().
69	@result DER encoded X.509 certificate.
70*/
71CFDataRef SecCertificateCopyDataP(SecCertificateRefP certificate)
72    __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
73
74/*!
75	@function SecCertificateCopySubjectSummary
76	@abstract Return a simple string which hopefully represents a human
77    understandable summary.
78    @param certificate SecCertificate object created with
79    SecCertificateCreateWithDataP().
80    @discussion All the data in this string comes from the certificate itself
81    and thus it's in whatever language the certificate itself is in.
82	@result A CFStringRef which the caller should CFRelease() once it's no
83    longer needed.
84*/
85CFStringRef SecCertificateCopySubjectSummaryP(SecCertificateRefP certificate)
86    __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
87
88/*!
89	@function SecCertificateIsValid
90	@abstract Returns true if the given certificate is valid
91	at the specified verifyTime.
92    @param certificate SecCertificate object created with
93    SecCertificateCreateWithDataP().
94	@result DER encoded X.509 certificate.
95*/
96bool SecCertificateIsValidP(SecCertificateRefP certificate, CFAbsoluteTime verifyTime)
97    __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_2_0);
98
99/*!
100	@function SecCertificateCopyPublicKeySHA1DigestFromCertificateData
101	@abstract Returns the SHA1 hasj of the public key of a certificate or NULL
102    @param allocator CFAllocator to allocate the certificate with.
103    @param certificate DER encoded X.509 certificate.
104	@result SHA1 hasj of the public key of a certificate or NULL
105*/
106CFDataRef SecCertificateCopyPublicKeySHA1DigestFromCertificateData(CFAllocatorRef allocator,
107	CFDataRef der_certificate);
108
109
110#if defined(__cplusplus)
111}
112#endif
113
114#endif /* !_SECURITY_SECCERTIFICATEP_H_ */
115