1 /* 2 * Author: Viktor Dukhovni 3 * License: THIS CODE IS IN THE PUBLIC DOMAIN. 4 */ 5 #ifndef HEADER_DANESSL_H 6 #define HEADER_DANESSL_H 7 8 #include <stdint.h> 9 #include <openssl/ssl.h> 10 11 /*- 12 * Certificate usages: 13 * https://tools.ietf.org/html/rfc6698#section-2.1.1 14 */ 15 #define DANESSL_USAGE_PKIX_TA 0 16 #define DANESSL_USAGE_PKIX_EE 1 17 #define DANESSL_USAGE_DANE_TA 2 18 #define DANESSL_USAGE_DANE_EE 3 19 #define DANESSL_USAGE_LAST DANESSL_USAGE_DANE_EE 20 21 /*- 22 * Selectors: 23 * https://tools.ietf.org/html/rfc6698#section-2.1.2 24 */ 25 #define DANESSL_SELECTOR_CERT 0 26 #define DANESSL_SELECTOR_SPKI 1 27 #define DANESSL_SELECTOR_LAST DANESSL_SELECTOR_SPKI 28 29 /*- 30 * Matching types: 31 * https://tools.ietf.org/html/rfc6698#section-2.1.3 32 */ 33 #define DANESSL_MATCHING_FULL 0 34 #define DANESSL_MATCHING_2256 1 35 #define DANESSL_MATCHING_2512 2 36 #define DANESSL_MATCHING_LAST DANESSL_MATCHING_2512 37 38 extern int DANESSL_library_init(void); 39 extern int DANESSL_CTX_init(SSL_CTX *); 40 extern int DANESSL_init(SSL *, const char *, const char **); 41 extern void DANESSL_cleanup(SSL *); 42 extern int DANESSL_add_tlsa(SSL *, uint8_t, uint8_t, const char *, 43 unsigned const char *, size_t); 44 extern int DANESSL_get_match_cert(SSL *, X509 **, const char **, int *); 45 extern int DANESSL_verify_chain(SSL *, STACK_OF(X509) *); 46 47 #endif 48