Build-variant tidyup
[users/jgh/exim.git] / src / src / danessl.h
1 /*
2  *  Author: Viktor Dukhovni
3  *  License: THIS CODE IS IN THE PUBLIC DOMAIN.
4  */
5 #ifndef HEADER_DANESSL_H
6 #define HEADER_DANESSL_H
7
8 #include <stdint.h>
9 #include <openssl/ssl.h>
10
11 /*-
12  * Certificate usages:
13  * https://tools.ietf.org/html/rfc6698#section-2.1.1
14  */
15 #define DANESSL_USAGE_PKIX_TA   0
16 #define DANESSL_USAGE_PKIX_EE   1
17 #define DANESSL_USAGE_DANE_TA   2
18 #define DANESSL_USAGE_DANE_EE   3
19 #define DANESSL_USAGE_LAST              DANESSL_USAGE_DANE_EE
20
21 /*-
22  * Selectors:
23  * https://tools.ietf.org/html/rfc6698#section-2.1.2
24  */
25 #define DANESSL_SELECTOR_CERT           0
26 #define DANESSL_SELECTOR_SPKI           1
27 #define DANESSL_SELECTOR_LAST           DANESSL_SELECTOR_SPKI
28
29 /*-
30  * Matching types:
31  * https://tools.ietf.org/html/rfc6698#section-2.1.3
32  */
33 #define DANESSL_MATCHING_FULL           0
34 #define DANESSL_MATCHING_2256           1
35 #define DANESSL_MATCHING_2512           2
36 #define DANESSL_MATCHING_LAST           DANESSL_MATCHING_2512
37
38 extern int DANESSL_library_init(void);
39 extern int DANESSL_CTX_init(SSL_CTX *);
40 extern int DANESSL_init(SSL *, const char *, const char **);
41 extern void DANESSL_cleanup(SSL *);
42 extern int DANESSL_add_tlsa(SSL *, uint8_t, uint8_t, const char *,
43                             unsigned const char *, size_t);
44 extern int DANESSL_get_match_cert(SSL *, X509 **, const char **, int *);
45 extern int DANESSL_verify_chain(SSL *, STACK_OF(X509) *);
46
47 #endif