OLD | NEW |
1 /* | 1 /* |
2 * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. | 2 * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. |
3 * | 3 * |
4 * @APPLE_LICENSE_HEADER_START@ | 4 * @APPLE_LICENSE_HEADER_START@ |
5 * | 5 * |
6 * This file contains Original Code and/or Modifications of Original Code | 6 * This file contains Original Code and/or Modifications of Original Code |
7 * as defined in and that are subject to the Apple Public Source License | 7 * as defined in and that are subject to the Apple Public Source License |
8 * Version 2.0 (the 'License'). You may not use this file except in | 8 * Version 2.0 (the 'License'). You may not use this file except in |
9 * compliance with the License. Please obtain a copy of the License at | 9 * compliance with the License. Please obtain a copy of the License at |
10 * http://www.opensource.apple.com/apsl/ and read it before using this | 10 * http://www.opensource.apple.com/apsl/ and read it before using this |
11 * file. | 11 * file. |
12 * | 12 * |
13 * The Original Code and all software distributed under the License are | 13 * The Original Code and all software distributed under the License are |
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
18 * Please see the License for the specific language governing rights and | 18 * Please see the License for the specific language governing rights and |
19 * limitations under the License. | 19 * limitations under the License. |
20 * | 20 * |
21 * @APPLE_LICENSE_HEADER_END@ | 21 * @APPLE_LICENSE_HEADER_END@ |
22 * | 22 * |
23 * cssmapplePriv.h -- Private CSSM features specific to Apple's Implementation | 23 * cssmapplePriv.h -- Private CSSM features specific to Apple's Implementation |
24 */ | 24 */ |
25 | 25 |
26 #ifndef _CSSMAPPLE_PRIV_H_ | 26 #ifndef _CSSMAPPLE_PRIV_H_ |
27 #define _CSSMAPPLE_PRIV_H_ 1 | 27 #define _CSSMAPPLE_PRIV_H_ 1 |
28 | 28 |
29 #include <Security/cssmtype.h> | 29 #include <Security/cssmtype.h> |
30 #include <Security/cssmapple.h> | 30 #include <Security/cssmapple.h> |
31 | 31 |
| 32 // CSSM functions are deprecated as of OSX 10.7, but have no replacement. |
| 33 // https://bugs.chromium.org/p/chromium/issues/detail?id=590914#c1 |
| 34 #pragma clang diagnostic push |
| 35 #pragma clang diagnostic ignored "-Wdeprecated-declarations" |
| 36 |
32 #ifdef __cplusplus | 37 #ifdef __cplusplus |
33 extern "C" { | 38 extern "C" { |
34 #endif | 39 #endif |
35 | 40 |
36 /* | 41 /* |
37 * Options for X509TP's CSSM_TP_CertGroupVerify for policy | 42 * Options for X509TP's CSSM_TP_CertGroupVerify for policy |
38 * CSSMOID_APPLE_TP_REVOCATION_OCSP. A pointer to, and length of, one | 43 * CSSMOID_APPLE_TP_REVOCATION_OCSP. A pointer to, and length of, one |
39 * of these is optionally placed in | 44 * of these is optionally placed in |
40 * CSSM_TP_VERIFY_CONTEXT.Cred->Policy.PolicyIds[n].FieldValue. | 45 * CSSM_TP_VERIFY_CONTEXT.Cred->Policy.PolicyIds[n].FieldValue. |
41 */ | 46 */ |
42 | 47 |
43 #define CSSM_APPLE_TP_OCSP_OPTS_VERSION 0 | 48 #define CSSM_APPLE_TP_OCSP_OPTS_VERSION 0 |
44 | 49 |
45 typedef uint32 CSSM_APPLE_TP_OCSP_OPT_FLAGS; | 50 typedef uint32 CSSM_APPLE_TP_OCSP_OPT_FLAGS; |
46 enum { | 51 enum { |
47 // require OCSP verification for each cert; default is "try" | 52 // require OCSP verification for each cert; default is "try" |
48 CSSM_TP_ACTION_OCSP_REQUIRE_PER_CERT = 0x00000001, | 53 CSSM_TP_ACTION_OCSP_REQUIRE_PER_CERT = 0x00000001, |
49 // require OCSP verification for certs which claim an OCSP responder | 54 // require OCSP verification for certs which claim an OCSP responder |
50 CSSM_TP_ACTION_OCSP_REQUIRE_IF_RESP_PRESENT = 0x00000002, | 55 CSSM_TP_ACTION_OCSP_REQUIRE_IF_RESP_PRESENT = 0x00000002, |
51 // disable network OCSP transactions | 56 // disable network OCSP transactions |
52 CSSM_TP_ACTION_OCSP_DISABLE_NET = 0x0000
0004, | 57 CSSM_TP_ACTION_OCSP_DISABLE_NET = 0x0000
0004, |
53 // disable reads from local OCSP cache | 58 // disable reads from local OCSP cache |
54 CSSM_TP_ACTION_OCSP_CACHE_READ_DISABLE = 0x00000008, | 59 CSSM_TP_ACTION_OCSP_CACHE_READ_DISABLE = 0x00000008, |
55 // disable reads from local OCSP cache | 60 // disable reads from local OCSP cache |
56 CSSM_TP_ACTION_OCSP_CACHE_WRITE_DISABLE = 0x00000010, | 61 CSSM_TP_ACTION_OCSP_CACHE_WRITE_DISABLE = 0x00000010, |
57 // if set and positive OCSP verify for given cert, no further revocation | 62 // if set and positive OCSP verify for given cert, no further revocation |
58 // checking need be done on that cert | 63 // checking need be done on that cert |
59 CSSM_TP_ACTION_OCSP_SUFFICIENT = 0x0000
0020, | 64 CSSM_TP_ACTION_OCSP_SUFFICIENT = 0x0000
0020, |
60 // generate nonce in OCSP request | 65 // generate nonce in OCSP request |
61 CSSM_TP_OCSP_GEN_NONCE
= 0x00000040, | 66 CSSM_TP_OCSP_GEN_NONCE
= 0x00000040, |
62 // when generating nonce, require matching nonce in response | 67 // when generating nonce, require matching nonce in response |
63 CSSM_TP_OCSP_REQUIRE_RESP_NONCE = 0x0000
0080 | 68 CSSM_TP_OCSP_REQUIRE_RESP_NONCE = 0x0000
0080 |
64 }; | 69 }; |
65 | 70 |
66 typedef struct { | 71 typedef struct { |
67 » uint32» » » » » » » Version;» | 72 » uint32» » » » » » » Version; |
68 CSSM_APPLE_TP_OCSP_OPT_FLAGS Flags; | 73 CSSM_APPLE_TP_OCSP_OPT_FLAGS Flags; |
69 CSSM_DATA_PTR LocalResponder;
/* URI */ | 74 CSSM_DATA_PTR LocalResponder;
/* URI */ |
70 CSSM_DATA_PTR LocalResponderCert;
/* X509 DER encoded cert */ | 75 CSSM_DATA_PTR LocalResponderCert;
/* X509 DER encoded cert */ |
71 } CSSM_APPLE_TP_OCSP_OPTIONS; | 76 } CSSM_APPLE_TP_OCSP_OPTIONS; |
72 | 77 |
73 #ifdef __cplusplus | 78 #ifdef __cplusplus |
74 } | 79 } |
75 #endif | 80 #endif |
76 | 81 |
| 82 #pragma clang diagnostic pop // "-Wdeprecated-declarations" |
| 83 |
77 #endif /* _CSSMAPPLE_PRIV_H_ */ | 84 #endif /* _CSSMAPPLE_PRIV_H_ */ |
OLD | NEW |