1/* 2 * Copyright (c) 2006-2008,2010-2012,2014 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24/* 25 * sslCrypto.h - interface between SSL and crypto libraries 26 */ 27 28#ifndef _SSL_CRYPTO_H_ 29#define _SSL_CRYPTO_H_ 1 30 31#include "ssl.h" 32#include "sslContext.h" 33#include <Security/SecKeyPriv.h> 34 35#ifdef __cplusplus 36extern "C" { 37#endif 38 39#ifndef NDEBUG 40extern void stPrintCdsaError(const char *op, OSStatus crtn); 41#else 42#define stPrintCdsaError(o, cr) 43#endif 44 45/* 46 * Get algorithm id for a SSLPubKey object. 47 */ 48CFIndex sslPubKeyGetAlgorithmID(SecKeyRef pubKey); 49 50/* 51 * Get algorithm id for a SSLPrivKey object. 52 */ 53CFIndex sslPrivKeyGetAlgorithmID(SecKeyRef privKey); 54 55/* 56 * Create a new SecTrust object and return it. 57 */ 58OSStatus 59sslCreateSecTrust( 60 SSLContext *ctx, 61 CFArrayRef certChain, 62 bool arePeerCerts, 63 SecTrustRef *trust); /* RETURNED */ 64 65OSStatus sslVerifySelectedCipher( 66 SSLContext *ctx); 67 68/* Convert DER certs to SecCertificateRefs */ 69CFArrayRef tls_get_peer_certs(const SSLCertificate *certs); 70 71/* 72 * Verify the peer cert chain. 73 */ 74int tls_verify_peer_cert(SSLContext *ctx); 75 76 77# 78#ifdef __cplusplus 79} 80#endif 81 82 83#endif /* _SSL_CRYPTO_H_ */ 84