Loading doc/crypto/SCT_new.pod +18 −0 Original line number Diff line number Diff line Loading @@ -8,6 +8,24 @@ SCT - A Certificate Transparency Signed Certificate Timestamp #include <openssl/ct.h> typedef enum { CT_LOG_ENTRY_TYPE_NOT_SET = -1, CT_LOG_ENTRY_TYPE_X509 = 0, CT_LOG_ENTRY_TYPE_PRECERT = 1 } ct_log_entry_type_t; typedef enum { SCT_VERSION_NOT_SET = -1, SCT_VERSION_V1 = 0 } sct_version_t; typedef enum { SCT_SOURCE_UNKNOWN, SCT_SOURCE_TLS_EXTENSION, SCT_SOURCE_X509V3_EXTENSION, SCT_SOURCE_OCSP_STAPLED_RESPONSE } sct_source_t; SCT *SCT_new(void); SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64, Loading doc/crypto/SCT_validate.pod +9 −0 Original line number Diff line number Diff line Loading @@ -9,6 +9,15 @@ checks Signed Certificate Timestamps meet a Certificate Transparency policy #include <openssl/ct.h> typedef enum { SCT_VALIDATION_STATUS_NOT_SET, SCT_VALIDATION_STATUS_UNKNOWN_LOG, SCT_VALIDATION_STATUS_VALID, SCT_VALIDATION_STATUS_INVALID, SCT_VALIDATION_STATUS_UNVERIFIED, SCT_VALIDATION_STATUS_UNKNOWN_VERSION } sct_validation_status_t; sct_validation_status_t SCT_get_validation_status(const SCT *sct); int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx); int SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx); Loading Loading
doc/crypto/SCT_new.pod +18 −0 Original line number Diff line number Diff line Loading @@ -8,6 +8,24 @@ SCT - A Certificate Transparency Signed Certificate Timestamp #include <openssl/ct.h> typedef enum { CT_LOG_ENTRY_TYPE_NOT_SET = -1, CT_LOG_ENTRY_TYPE_X509 = 0, CT_LOG_ENTRY_TYPE_PRECERT = 1 } ct_log_entry_type_t; typedef enum { SCT_VERSION_NOT_SET = -1, SCT_VERSION_V1 = 0 } sct_version_t; typedef enum { SCT_SOURCE_UNKNOWN, SCT_SOURCE_TLS_EXTENSION, SCT_SOURCE_X509V3_EXTENSION, SCT_SOURCE_OCSP_STAPLED_RESPONSE } sct_source_t; SCT *SCT_new(void); SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64, Loading
doc/crypto/SCT_validate.pod +9 −0 Original line number Diff line number Diff line Loading @@ -9,6 +9,15 @@ checks Signed Certificate Timestamps meet a Certificate Transparency policy #include <openssl/ct.h> typedef enum { SCT_VALIDATION_STATUS_NOT_SET, SCT_VALIDATION_STATUS_UNKNOWN_LOG, SCT_VALIDATION_STATUS_VALID, SCT_VALIDATION_STATUS_INVALID, SCT_VALIDATION_STATUS_UNVERIFIED, SCT_VALIDATION_STATUS_UNKNOWN_VERSION } sct_validation_status_t; sct_validation_status_t SCT_get_validation_status(const SCT *sct); int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx); int SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx); Loading
Rich Salz <rsalz@openssl.org> Reviewed-by:
Matt Caswell <matt@openssl.org>