2 * Author: Viktor Dukhovni
3 * License: THIS CODE IS IN THE PUBLIC DOMAIN.
5 #ifndef HEADER_DANESSL_H
6 #define HEADER_DANESSL_H
9 #include <openssl/ssl.h>
13 * https://tools.ietf.org/html/rfc6698#section-2.1.1
15 #define DANESSL_USAGE_PKIX_TA 0
16 #define DANESSL_USAGE_PKIX_EE 1
17 #define DANESSL_USAGE_DANE_TA 2
18 #define DANESSL_USAGE_DANE_EE 3
19 #define DANESSL_USAGE_LAST DANESSL_USAGE_DANE_EE
23 * https://tools.ietf.org/html/rfc6698#section-2.1.2
25 #define DANESSL_SELECTOR_CERT 0
26 #define DANESSL_SELECTOR_SPKI 1
27 #define DANESSL_SELECTOR_LAST DANESSL_SELECTOR_SPKI
31 * https://tools.ietf.org/html/rfc6698#section-2.1.3
33 #define DANESSL_MATCHING_FULL 0
34 #define DANESSL_MATCHING_2256 1
35 #define DANESSL_MATCHING_2512 2
36 #define DANESSL_MATCHING_LAST DANESSL_MATCHING_2512
38 extern int DANESSL_library_init(void);
39 extern int DANESSL_CTX_init(SSL_CTX *);
40 extern int DANESSL_init(SSL *, const char *, const char **);
41 extern void DANESSL_cleanup(SSL *);
42 extern int DANESSL_add_tlsa(SSL *, uint8_t, uint8_t, const char *,
43 unsigned const char *, size_t);
44 extern int DANESSL_get_match_cert(SSL *, X509 **, const char **, int *);
45 extern int DANESSL_verify_chain(SSL *, STACK_OF(X509) *);