SecCertificateInternal.h [plain text]
#ifndef _SECURITY_SECCERTIFICATEINTERNAL_H_
#define _SECURITY_SECCERTIFICATEINTERNAL_H_
#include <TargetConditionals.h>
#include <libDER/DER_Keys.h>
#include <Security/SecBase.h>
#include <Security/SecCertificatePriv.h>
#include <Security/certextensions.h>
#if SECURITY_PROJECT_TAPI_HACKS && SEC_OS_OSX
typedef enum {
NO_ENUM_VALUES,
} SecCEGeneralNameType;
typedef struct {} SecCEBasicConstraints;
typedef struct {} SecCEPolicyConstraints;
typedef struct {} SecCEPolicyMapping;
typedef struct {} SecCEPolicyMappings;
typedef struct {} SecCECertificatePolicies;
typedef struct {} SecCEInhibitAnyPolicy;
#endif
__BEGIN_DECLS
CFDataRef SecCertificateGetAuthorityKeyID(SecCertificateRef certificate);
CFDataRef SecCertificateGetSubjectKeyID(SecCertificateRef certificate);
CFArrayRef SecCertificateGetCRLDistributionPoints(SecCertificateRef certificate);
CFArrayRef SecCertificateGetOCSPResponders(SecCertificateRef certificate);
CFArrayRef SecCertificateGetCAIssuers(SecCertificateRef certificate);
void SecCertificateShow(SecCertificateRef certificate);
CFDataRef SecDistinguishedNameCopyNormalizedContent(CFDataRef distinguished_name);
bool SecCertificateHasSubject(SecCertificateRef certificate);
bool SecCertificateHasCriticalSubjectAltName(SecCertificateRef certificate);
const DERItem * SecCertificateGetSubjectAltName(SecCertificateRef certificate);
bool SecCertificateHasUnknownCriticalExtension(SecCertificateRef certificate);
CFDictionaryRef SecCertificateCopyAttributeDictionary(
SecCertificateRef certificate);
SecCertificateRef SecCertificateCreateFromAttributeDictionary(
CFDictionaryRef refAttributes);
#if TARGET_OS_OSX
SecKeyRef SecCertificateCopyPublicKey_ios(SecCertificateRef certificate)
__OSX_DEPRECATED(__MAC_10_12, __MAC_10_14, "Use SecCertificateCopyKey instead.");
#endif
const SecCEBasicConstraints *
SecCertificateGetBasicConstraints(SecCertificateRef certificate);
CFArrayRef SecCertificateGetPermittedSubtrees(SecCertificateRef certificate);
CFArrayRef SecCertificateGetExcludedSubtrees(SecCertificateRef certificate);
const SecCEPolicyConstraints *
SecCertificateGetPolicyConstraints(SecCertificateRef certificate);
const SecCEPolicyMappings *
SecCertificateGetPolicyMappings(SecCertificateRef certificate);
const SecCECertificatePolicies *
SecCertificateGetCertificatePolicies(SecCertificateRef certificate);
const SecCEInhibitAnyPolicy *
SecCertificateGetInhibitAnyPolicySkipCerts(SecCertificateRef certificate);
const DERAlgorithmId *SecCertificateGetPublicKeyAlgorithm(
SecCertificateRef certificate);
const DERItem *SecCertificateGetPublicKeyData(SecCertificateRef certificate);
CFArrayRef SecCertificateCopyLegacyProperties(SecCertificateRef certificate);
OSStatus SecCertificateIsSignedBy(SecCertificateRef certificate,
SecKeyRef issuerKey);
#ifndef SECURITY_PROJECT_TAPI_HACKS
void appendProperty(CFMutableArrayRef properties, CFStringRef propertyType,
CFStringRef label, CFStringRef localizedLabel, CFTypeRef value, bool localized);
#endif
CFStringRef SecDERItemCopyOIDDecimalRepresentation(CFAllocatorRef allocator,
const DERItem *oid);
#ifndef SECURITY_PROJECT_TAPI_HACKS
CFDataRef createNormalizedX501Name(CFAllocatorRef allocator,
const DERItem *x501name);
#endif
CFAbsoluteTime SecAbsoluteTimeFromDateContent(DERTag tag, const uint8_t *bytes,
size_t length);
bool SecCertificateHasMarkerExtension(SecCertificateRef certificate, CFTypeRef oid);
typedef OSStatus (*parseGeneralNameCallback)(void *context,
SecCEGeneralNameType type, const DERItem *value);
OSStatus SecCertificateParseGeneralNameContentProperty(DERTag tag,
const DERItem *generalNameContent,
void *context, parseGeneralNameCallback callback);
OSStatus SecCertificateParseGeneralNames(const DERItem *generalNames, void *context,
parseGeneralNameCallback callback);
CFArrayRef SecCertificateCopyOrganizationFromX501NameContent(const DERItem *nameContent);
bool SecCertificateIsWeakKey(SecCertificateRef certificate);
bool SecCertificateIsAtLeastMinKeySize(SecCertificateRef certificate,
CFDictionaryRef keySizes);
bool SecCertificateIsStrongKey(SecCertificateRef certificate);
extern const CFStringRef kSecSignatureDigestAlgorithmUnknown;
#ifndef SECURITY_PROJECT_TAPI_HACKS
extern const CFStringRef kSecSignatureDigestAlgorithmMD2;
extern const CFStringRef kSecSignatureDigestAlgorithmMD4;
extern const CFStringRef kSecSignatureDigestAlgorithmMD5;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA1;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA224;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA256;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA384;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA512;
#endif
bool SecCertificateIsWeakHash(SecCertificateRef certificate);
CFDataRef SecCertificateCreateOidDataFromString(CFAllocatorRef allocator, CFStringRef string);
bool SecCertificateIsOidString(CFStringRef oid);
DERItem *SecCertificateGetExtensionValue(SecCertificateRef certificate, CFTypeRef oid);
CFArrayRef SecCertificateCopyDNSNamesFromSubject(SecCertificateRef certificate);
CFArrayRef SecCertificateCopyIPAddressesFromSubject(SecCertificateRef certificate);
CFArrayRef SecCertificateCopyRFC822NamesFromSubject(SecCertificateRef certificate);
CFArrayRef SecCertificateCopyDNSNamesFromSAN(SecCertificateRef certificate);
__END_DECLS
#endif