#ifndef _SECURITY_SECCERTIFICATEINTERNAL_H_
#define _SECURITY_SECCERTIFICATEINTERNAL_H_
#include <TargetConditionals.h>
#include <libDER/DER_Keys.h>
#include <Security/SecBase.h>
#include <Security/SecCertificatePriv.h>
#include <Security/certextensions.h>
#if SECURITY_PROJECT_TAPI_HACKS && SEC_OS_OSX
/*
 * Decoded form of the X.509 basicConstraints extension; the field names
 * follow RFC 5280 section 4.2.1.9.
 */
typedef struct {
/* Presumably true only when the extension was found in the certificate;
   the remaining fields should not be trusted otherwise -- confirm in the
   parser. */
bool present;
/* Criticality flag of the extension. */
bool critical;
/* The cA boolean. Path validation has to require this for every
   certificate that is used as an issuer. */
bool isCA;
/* Per RFC 5280 an absent pathLenConstraint means "no limit", whereas 0 means
   "no further intermediate CAs". Read pathLenConstraintPresent before
   pathLenConstraint so the two cases are not confused. */
bool pathLenConstraintPresent;
uint32_t pathLenConstraint;
} SecCEBasicConstraints;
/*
 * Decoded form of the X.509 policyConstraints extension; the field names
 * follow RFC 5280 section 4.2.1.11. Both constraints are optional in the
 * extension, so each value carries its own "...Present" flag.
 */
typedef struct {
/* Presumably true only when the extension was found -- confirm in the parser. */
bool present;
/* Criticality flag of the extension. */
bool critical;
/* Check the flag before using the value: a value of 0 is meaningful
   (the constraint applies immediately) and differs from "absent". */
bool requireExplicitPolicyPresent;
uint32_t requireExplicitPolicy;
bool inhibitPolicyMappingPresent;
uint32_t inhibitPolicyMapping;
} SecCEPolicyConstraints;
/*
 * One PolicyInformation entry of the certificatePolicies extension
 * (RFC 5280 section 4.2.1.4), kept as undecoded DER items.
 * NOTE(review): a DERItem is a pointer/length view; it presumably refers to
 * bytes inside the certificate's own DER and is only valid while the
 * certificate is alive -- confirm against the parser.
 */
typedef struct {
/* Policy OID content. */
DERItem policyIdentifier;
/* Optional qualifiers; presumably empty (length 0) when absent -- confirm. */
DERItem policyQualifiers;
} SecCEPolicyInformation;
/*
 * Decoded form of the certificatePolicies extension (RFC 5280 section
 * 4.2.1.4): a counted array of SecCEPolicyInformation entries.
 */
typedef struct {
/* Presumably true only when the extension was found -- confirm in the parser. */
bool present;
/* Criticality flag of the extension. */
bool critical;
/* policies presumably points to numPolicies entries; index only below
   numPolicies. Who allocates and frees the array is not visible in this
   header. */
size_t numPolicies; SecCEPolicyInformation *policies;
} SecCECertificatePolicies;
/*
 * One issuerDomainPolicy -> subjectDomainPolicy pair of the policyMappings
 * extension (RFC 5280 section 4.2.1.5), both kept as DER items (policy OIDs).
 * NOTE(review): the items presumably reference certificate memory rather
 * than owning a copy -- confirm before keeping them past the certificate.
 */
typedef struct {
DERItem issuerDomainPolicy;
DERItem subjectDomainPolicy;
} SecCEPolicyMapping;
/*
 * Decoded form of the policyMappings extension (RFC 5280 section 4.2.1.5):
 * a counted array of SecCEPolicyMapping pairs.
 */
typedef struct {
/* Presumably true only when the extension was found -- confirm in the parser. */
bool present;
/* Criticality flag of the extension. */
bool critical;
/* mappings presumably points to numMappings entries; index only below
   numMappings. Allocation ownership is not visible in this header. */
size_t numMappings; SecCEPolicyMapping *mappings;
} SecCEPolicyMappings;
/*
 * Decoded form of the inhibitAnyPolicy extension (RFC 5280 section 4.2.1.14).
 */
typedef struct {
/* Presumably true only when the extension was found; skipCerts == 0 is a
   meaningful value, so it must not be used to detect absence -- confirm. */
bool present;
/* Criticality flag of the extension. */
bool critical;
/* The SkipCerts count carried by the extension. */
uint32_t skipCerts;
} SecCEInhibitAnyPolicy;
#endif
__BEGIN_DECLS
/*
 * Maps a signature algorithm OID (as a DER item) to a
 * SecSignatureHashAlgorithm value.
 * NOTE(review): the result for an unrecognised or NULL OID is not visible
 * here; callers should treat anything but a known-good algorithm as
 * unacceptable rather than defaulting to "ok" -- confirm the unknown value.
 */
SecSignatureHashAlgorithm SecSignatureHashAlgorithmForAlgorithmOid(const DERItem *algOid);
/*
 * Accessors for the authority key identifier, subject key identifier,
 * CRL distribution points and CA issuers of a certificate.
 *
 * All four use "Get" naming; under the CoreFoundation ownership convention
 * the caller does not own the result and must not CFRelease it. The lifetime
 * is presumably tied to `certificate`; retain the value if it is kept longer.
 * NOTE(review): presumably NULL when the field is absent -- null-check.
 * The returned data comes from the certificate itself, so for a certificate
 * that has not been validated yet it is attacker-controlled input (this
 * matters in particular for any locations in the two arrays).
 */
CFDataRef SecCertificateGetAuthorityKeyID(SecCertificateRef certificate);
CFDataRef SecCertificateGetSubjectKeyID(SecCertificateRef certificate);
CFArrayRef SecCertificateGetCRLDistributionPoints(SecCertificateRef certificate);
CFArrayRef SecCertificateGetCAIssuers(SecCertificateRef certificate);
/* Debug-style helper with no return value; presumably prints or logs the
   certificate -- where the output goes is not visible in this header. */
void SecCertificateShow(SecCertificateRef certificate);
/* Returns a normalized form of a distinguished name's content. "Copy" naming:
   the caller owns the result and must CFRelease it. Presumably NULL on
   malformed input -- confirm, and null-check before comparing names. */
CFDataRef SecDistinguishedNameCopyNormalizedContent(CFDataRef distinguished_name);
/*
 * Predicates on the subject name, the subjectAltName extension and
 * unrecognised critical extensions.
 *
 * Background (RFC 5280): a certificate with an empty subject must carry a
 * critical subjectAltName, and a validator must reject a certificate that
 * contains a critical extension it does not recognise. How these helpers are
 * combined to enforce that is not visible in this header.
 */
bool SecCertificateHasSubject(SecCertificateRef certificate);
bool SecCertificateHasCriticalSubjectAltName(SecCertificateRef certificate);
/* Returns a const view of the subjectAltName extension; presumably NULL when
   absent and valid only while `certificate` is alive -- confirm. */
const DERItem * SecCertificateGetSubjectAltName(SecCertificateRef certificate);
bool SecCertificateHasUnknownCriticalExtension(SecCertificateRef certificate);
/*
 * Converts a certificate to an attribute dictionary and back.
 * Both follow the CoreFoundation "Copy"/"Create" rule: the caller owns the
 * returned object and must CFRelease it.
 * NOTE(review): the dictionary schema is not visible here. If refAttributes
 * can come from outside the process, the Create side presumably has to
 * validate it and may return NULL -- confirm and null-check.
 */
CFDictionaryRef SecCertificateCopyAttributeDictionary(
SecCertificateRef certificate);
SecCertificateRef SecCertificateCreateFromAttributeDictionary(
CFDictionaryRef refAttributes);
#if TARGET_OS_OSX
/* macOS-only entry point, deprecated from 10.12 to 10.14 in favour of
   SecCertificateCopyKey (see the attribute below). "Copy" naming: the caller
   owns the returned key. New code should not call this. */
SecKeyRef SecCertificateCopyPublicKey_ios(SecCertificateRef certificate)
__OSX_DEPRECATED(__MAC_10_12, __MAC_10_14, "Use SecCertificateCopyKey instead.");
#endif
/*
 * Accessors for the decoded constraint and policy extensions that path
 * validation consumes: basicConstraints, name constraints (permitted and
 * excluded subtrees), policyConstraints, policyMappings, certificatePolicies
 * and inhibitAnyPolicy.
 *
 * All use "Get" naming and return const pointers or unowned CF objects:
 * the caller does not own them and the storage presumably lives inside
 * `certificate`, so do not free them or use them after the certificate is
 * released.
 * NOTE(review): whether an absent extension is reported as NULL or as a
 * struct with present == false is not visible here -- callers should check
 * both until confirmed.
 */
const SecCEBasicConstraints *
SecCertificateGetBasicConstraints(SecCertificateRef certificate);
CFArrayRef SecCertificateGetPermittedSubtrees(SecCertificateRef certificate);
CFArrayRef SecCertificateGetExcludedSubtrees(SecCertificateRef certificate);
const SecCEPolicyConstraints *
SecCertificateGetPolicyConstraints(SecCertificateRef certificate);
const SecCEPolicyMappings *
SecCertificateGetPolicyMappings(SecCertificateRef certificate);
const SecCECertificatePolicies *
SecCertificateGetCertificatePolicies(SecCertificateRef certificate);
const SecCEInhibitAnyPolicy *
SecCertificateGetInhibitAnyPolicySkipCerts(SecCertificateRef certificate);
/*
 * Const views of the certificate's public key algorithm identifier and
 * public key bytes. "Get" naming: not owned by the caller, presumably valid
 * only while `certificate` is alive -- confirm.
 */
const DERAlgorithmId *SecCertificateGetPublicKeyAlgorithm(
SecCertificateRef certificate);
const DERItem *SecCertificateGetPublicKeyData(SecCertificateRef certificate);
/* "Copy" naming: the caller owns the returned array and must CFRelease it.
   The property format is not visible in this header. */
CFArrayRef SecCertificateCopyLegacyProperties(SecCertificateRef certificate);
/*
 * Checks the certificate's signature against issuerKey.
 * The result is an OSStatus, not a bool: success is presumably errSecSuccess
 * (0) and any other value an error, so compare explicitly and never write
 * `if (SecCertificateIsSignedBy(...))` as a success test.
 * NOTE(review): it takes only a certificate and a key, so a success here
 * presumably says nothing about validity dates, constraints or trust in
 * issuerKey -- confirm and do not use it as a substitute for trust evaluation.
 */
OSStatus SecCertificateIsSignedBy(SecCertificateRef certificate,
SecKeyRef issuerKey);
/* appendProperty and createNormalizedX501Name below carry no "Sec" prefix and
   are declared only when SECURITY_PROJECT_TAPI_HACKS is not defined. */
#ifndef SECURITY_PROJECT_TAPI_HACKS
/* Adds one entry to a mutable property array; the entry layout is not
   visible in this header. */
void appendProperty(CFMutableArrayRef properties, CFStringRef propertyType,
CFStringRef label, CFStringRef localizedLabel, CFTypeRef value, bool localized);
#endif
/* Renders an OID (DER item) as a string, presumably in dotted-decimal form.
   "Copy" naming: the caller owns the result. Presumably NULL or a fallback
   string for malformed OIDs -- confirm. */
CFStringRef SecDERItemCopyOIDDecimalRepresentation(CFAllocatorRef allocator,
const DERItem *oid);
#ifndef SECURITY_PROJECT_TAPI_HACKS
/* Builds a normalized copy of an X.501 name; "create" naming suggests the
   caller owns the result. Presumably NULL on malformed input -- null-check
   before using it for name comparison. */
CFDataRef createNormalizedX501Name(CFAllocatorRef allocator,
const DERItem *x501name);
#endif
/*
 * Converts the content bytes of a DER time value to a CFAbsoluteTime.
 * `tag` presumably selects the encoding (UTCTime or GeneralizedTime) and
 * `bytes`/`length` delimit the content; the bytes come from certificate
 * data, so they are untrusted and must never be read past `length`.
 * NOTE(review): the value returned for unparseable input is not visible
 * here. Callers must be able to tell a parse failure from a real date,
 * otherwise a malformed validity field could be accepted -- confirm.
 */
CFAbsoluteTime SecAbsoluteTimeFromDateContent(DERTag tag, const uint8_t *bytes,
size_t length);
/* Reports whether the certificate carries the extension identified by `oid`.
   `oid` is an untyped CFTypeRef; which CF types are accepted (string, data)
   is not visible here -- confirm before passing anything else. */
bool SecCertificateHasMarkerExtension(SecCertificateRef certificate, CFTypeRef oid);
/* Same check for the OCSP no-check extension (id-pkix-ocsp-nocheck,
   RFC 6960), which tells clients not to check revocation for an OCSP
   responder certificate; it should only be honoured on such certificates. */
bool SecCertificateHasOCSPNoCheckMarkerExtension(SecCertificateRef certificate);
/*
 * Callback type for GeneralName parsing: receives the caller's opaque
 * `context`, the GeneralName type and the name's value as a DER item.
 * The callback returns an OSStatus; presumably a non-success value stops the
 * parse and is returned to the caller -- confirm.
 * `value` is raw certificate content: untrusted, not NUL-terminated, and
 * presumably valid only for the duration of the call.
 */
typedef OSStatus (*parseGeneralNameCallback)(void *context,
SecCEGeneralNameType type, const DERItem *value);
/* Parses a single GeneralName given its tag and content and reports it
   through `callback`. */
OSStatus SecCertificateParseGeneralNameContentProperty(DERTag tag,
const DERItem *generalNameContent,
void *context, parseGeneralNameCallback callback);
/* Parses a GeneralNames sequence and reports each entry through `callback`.
   Check the returned OSStatus: on failure, names reported so far should
   presumably not be relied on -- confirm. */
OSStatus SecCertificateParseGeneralNames(const DERItem *generalNames, void *context,
parseGeneralNameCallback callback);
/* Extracts the organization value(s) from X.501 name content. "Copy" naming:
   the caller owns the array. Presumably NULL when there are none -- confirm. */
CFArrayRef SecCertificateCopyOrganizationFromX501NameContent(const DERItem *nameContent);
/*
 * Key-strength predicates on the certificate's public key.
 * NOTE(review): the thresholds are not visible in this header. "Weak" and
 * "strong" are presumably separate thresholds, so !IsWeakKey must not be
 * read as IsStrongKey. What each returns for an unrecognised key type also
 * needs confirming: the safe answer is weak / not strong.
 */
bool SecCertificateIsWeakKey(SecCertificateRef certificate);
/* keySizes supplies the minimum sizes to compare against; its key/value
   schema is not visible here -- verify against the callers. */
bool SecCertificateIsAtLeastMinKeySize(SecCertificateRef certificate,
CFDictionaryRef keySizes);
bool SecCertificateIsStrongKey(SecCertificateRef certificate);
/*
 * String constants naming signature digest algorithms. Only the "Unknown"
 * constant is declared unconditionally; the named algorithms are declared
 * here only when SECURITY_PROJECT_TAPI_HACKS is not defined.
 * MD2, MD4, MD5 and SHA-1 are no longer collision resistant; which of these
 * the library itself rejects is not visible in this header.
 */
extern const CFStringRef kSecSignatureDigestAlgorithmUnknown;
#ifndef SECURITY_PROJECT_TAPI_HACKS
extern const CFStringRef kSecSignatureDigestAlgorithmMD2;
extern const CFStringRef kSecSignatureDigestAlgorithmMD4;
extern const CFStringRef kSecSignatureDigestAlgorithmMD5;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA1;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA224;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA256;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA384;
extern const CFStringRef kSecSignatureDigestAlgorithmSHA512;
#endif
/* Reports whether the certificate's signature uses a hash considered weak.
   NOTE(review): the set of weak algorithms and the result for an unknown
   algorithm are not visible here; an unknown algorithm should presumably
   count as weak -- confirm. */
bool SecCertificateIsWeakHash(SecCertificateRef certificate);
/* Converts an OID string to OID data. "Create" naming: the caller owns the
   result. Presumably NULL for a string that is not a valid OID -- null-check. */
CFDataRef SecCertificateCreateOidDataFromString(CFAllocatorRef allocator, CFStringRef string);
/* Reports whether `oid` is a syntactically valid OID string; the exact
   grammar accepted is not visible here. */
bool SecCertificateIsOidString(CFStringRef oid);
/* Looks up an extension by `oid` and returns its value as a DER item.
   NOTE(review): unlike the other accessors this returns a non-const pointer.
   It presumably still points into the certificate, so callers should treat
   it as read-only and null-check it -- confirm. */
DERItem *SecCertificateGetExtensionValue(SecCertificateRef certificate, CFTypeRef oid);
/*
 * Name extraction helpers: RFC 822 (e-mail) names from the subject, DNS
 * names from the subjectAltName, and IP addresses as data objects.
 * "Copy" naming: the caller owns each returned array and must CFRelease it.
 * Presumably NULL when no such names exist -- confirm. The values are
 * certificate content and stay untrusted until the chain has been validated.
 */
CFArrayRef SecCertificateCopyRFC822NamesFromSubject(SecCertificateRef certificate);
CFArrayRef SecCertificateCopyDNSNamesFromSAN(SecCertificateRef certificate);
CFArrayRef SecCertificateCopyIPAddressDatas(SecCertificateRef certificate);
/* Returns a CFIndex describing a known extension that could not be parsed.
   NOTE(review): the meaning of the value and the "none" sentinel (presumably
   kCFNotFound) are not visible here -- confirm before comparing against 0. */
CFIndex SecCertificateGetUnparseableKnownExtension(SecCertificateRef certificate);
__END_DECLS
#endif