36 lines
1.3 KiB
C
36 lines
1.3 KiB
C
#pragma once
|
|
#include <openssl/ssl.h>
|
|
|
|
enum ssl_X509_obj_type
|
|
{
|
|
SSL_X509_OBJ_CERT,
|
|
SSL_X509_OBJ_CRL
|
|
};
|
|
struct cert_store_param
|
|
{
|
|
unsigned int check_crl;
|
|
};
|
|
struct ssl_trusted_cert_storage;
|
|
struct ssl_trusted_cert_storage* ssl_trusted_cert_storage_create(const char* pem_bundle, const char* pem_dir, struct cert_store_param* param);
|
|
void ssl_trusted_cert_storage_destroy(struct ssl_trusted_cert_storage* storage);
|
|
struct cert_verify_param
|
|
{
|
|
char no_verify_self_signed;
|
|
char no_verify_cn;
|
|
char no_verify_issuer;
|
|
char no_verify_expiry_date;
|
|
char real_untrust;
|
|
};
|
|
struct cert_verify_result
|
|
{
|
|
char is_hostmatched;
|
|
char is_ev;
|
|
char is_ct;
|
|
int error_code;
|
|
};
|
|
int ssl_trusted_cert_storage_verify_conn(struct ssl_trusted_cert_storage* storage, SSL * ssl, const char* hostname, struct cert_verify_param* param, char* reason, size_t n_reason, struct cert_verify_result* result);
|
|
int ssl_trusted_cert_storage_add(struct ssl_trusted_cert_storage* storage, enum ssl_X509_obj_type type, const char* filename);
|
|
int ssl_trusted_cert_storage_del(struct ssl_trusted_cert_storage* storage, enum ssl_X509_obj_type type, const char* filename);
|
|
void ssl_trusted_cert_storage_reset(struct ssl_trusted_cert_storage* storage);
|
|
void ssl_trusted_cert_storage_reset_finish(struct ssl_trusted_cert_storage *storage);
|