/opensource.apple.com/source/Security/Security-163/Keychain/SecTrust.h

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>SecTrust.h</title>
<style type="text/css">
.enscript-comment { font-style: italic; color: rgb(178,34,34); }
.enscript-function-name { font-weight: bold; color: rgb(0,0,255); }
.enscript-variable-name { font-weight: bold; color: rgb(184,134,11); }
.enscript-keyword { font-weight: bold; color: rgb(160,32,240); }
.enscript-reference { font-weight: bold; color: rgb(95,158,160); }
.enscript-string { font-weight: bold; color: rgb(188,143,143); }
.enscript-builtin { font-weight: bold; color: rgb(218,112,214); }
.enscript-type { font-weight: bold; color: rgb(34,139,34); }
.enscript-highlight { text-decoration: underline; color: 0; }
</style>
</head>
<body id="top">
<h1 style="margin:8px;" id="f1">SecTrust.h&nbsp;&nbsp;&nbsp;<span style="font-weight: normal; font-size: 0.5em;">[<a href="?txt">plain text</a>]</span></h1>
<hr/>
<div></div>
<pre>
<span class="enscript-comment">/*
 * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at <a href="http://www.apple.com/publicsource">http://www.apple.com/publicsource</a> and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */</span>

<span class="enscript-comment">/*!
	@header SecTrust
	The functions and data types in SecTrust implement trust computation and allows the user to apply trust decisions to the trust configuration.
*/</span>

#<span class="enscript-reference">ifndef</span> <span class="enscript-variable-name">_SECURITY_SECTRUST_H_</span>
#<span class="enscript-reference">define</span> <span class="enscript-variable-name">_SECURITY_SECTRUST_H_</span>

#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;Security/SecBase.h&gt;</span>
#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;Security/cssmtype.h&gt;</span>
#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;Security/cssmapple.h&gt;</span>
#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;CoreFoundation/CoreFoundation.h&gt;</span>


#<span class="enscript-reference">if</span> <span class="enscript-reference">defined</span>(<span class="enscript-variable-name">__cplusplus</span>)
<span class="enscript-type">extern</span> <span class="enscript-string">&quot;C&quot;</span> {
#<span class="enscript-reference">endif</span>

<span class="enscript-comment">/*!
	@typedef SecTrustResultType
	@abstract Specifies the trust result type.
	@constant kSecTrustResultInvalid Indicates an invalid setting or result.
	@constant kSecTrustResultProceed Indicates you may proceed.  This value may be returned by the SecTrustEvaluate function or stored as part of the user trust settings. 
	@constant kSecTrustResultConfirm Indicates confirmation with the user is required before proceeding.  This value may be returned by the SecTrustEvaluate function or stored as part of the user trust settings. 
	@constant kSecTrustResultDeny Indicates a user-configured deny; do not proceed. This value may be returned by the SecTrustEvaluate function or stored as part of the user trust settings. 
	@constant kSecTrustResultUnspecified Indicates user intent is unknown. This value may be returned by the SecTrustEvaluate function or stored as part of the user trust settings. 
	@constant kSecTrustResultRecoverableTrustFailure Indicates a trust framework failure; retry after fixing inputs. This value may be returned by the SecTrustEvaluate function but not stored as part of the user trust settings. 
	@constant kSecTrustResultFatalTrustFailure Indicates a trust framework failure; no &quot;easy&quot; fix. This value may be returned by the SecTrustEvaluate function but not stored as part of the user trust settings.
	@constant kSecTrustResultOtherError Indicates a failure other than that of trust evaluation. This value may be returned by the SecTrustEvaluate function but not stored as part of the user trust settings.
 */</span>
<span class="enscript-type">typedef</span> <span class="enscript-type">enum</span> {
    kSecTrustResultInvalid,
    kSecTrustResultProceed,
    kSecTrustResultConfirm,
    kSecTrustResultDeny,
    kSecTrustResultUnspecified,
    kSecTrustResultRecoverableTrustFailure,
    kSecTrustResultFatalTrustFailure,
    kSecTrustResultOtherError
} SecTrustResultType;

<span class="enscript-comment">/*!
	@typedef SecTrustUserSetting
	@abstract Specifies user-specified trust settings.
*/</span>
<span class="enscript-type">typedef</span> SecTrustResultType SecTrustUserSetting;

<span class="enscript-comment">/*!
	@typedef SecTrustRef
	@abstract A pointer to an opaque trust management structure.
*/</span>
<span class="enscript-type">typedef</span> <span class="enscript-type">struct</span> OpaqueSecTrustRef *SecTrustRef;

<span class="enscript-comment">/*!
	@function SecTrustGetTypeID
	@abstract Returns the type identifier of SecTrust instances.
	@result The CFTypeID of SecTrust instances.
*/</span>
CFTypeID <span class="enscript-function-name">SecTrustGetTypeID</span>(<span class="enscript-type">void</span>);

<span class="enscript-comment">/*!
	@function SecTrustCreateWithCertificates
	@abstract Creates a trust based on the given certificates and policies.
    @param certificates The group of certificates to verify.
    @param policies An array of one or more policies. You may pass a SecPolicyRef
		to represent a single policy.
	@param trustRef On return, a pointer to the trust management reference.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustCreateWithCertificates</span>(CFArrayRef certificates, CFTypeRef policies, SecTrustRef *trustRef);

<span class="enscript-comment">/*!
	@function SecTrustSetParameters
	@abstract Sets the action and action data for a trust.
	@param trustRef The reference to the trust to change.
	@param action A CSSM trust action.
	@param actionData A reference to action data.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
 */</span>
OSStatus <span class="enscript-function-name">SecTrustSetParameters</span>(SecTrustRef trustRef, CSSM_TP_ACTION action, CFDataRef actionData);

<span class="enscript-comment">/*!
	@function SecTrustSetAnchorCertificates
	@abstract Sets the anchor certificates for a given trust.
	@param trust A reference to a trust.
	@param anchorCertificates An array of anchor certificates.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustSetAnchorCertificates</span>(SecTrustRef trust, CFArrayRef anchorCertificates);

<span class="enscript-comment">/*!
	@function SecTrustSetKeychains
	@abstract Sets the keychains for a given trust.
	@param trust A reference to a trust.
    @param keychainOrArray An reference to an array of keychains to search, a single keychain or NULL to search the user's default keychain search list.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustSetKeychains</span>(SecTrustRef trust, CFTypeRef keychainOrArray);

<span class="enscript-comment">/*!
	@function SecTrustSetVerifyDate
	@abstract Verifies the date of a given trust.
	@param trust A reference to the trust to verify.
	@param verifyDate The date to verify.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustSetVerifyDate</span>(SecTrustRef trust, CFDateRef verifyDate);

<span class="enscript-comment">/*!
	@function SecTrustEvaluate
	@abstract Evaluates a trust.
	@param trust A reference to the trust to evaluate.
	@param result A pointer to a result type.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).	
*/</span>
OSStatus <span class="enscript-function-name">SecTrustEvaluate</span>(SecTrustRef trust, SecTrustResultType *result);

<span class="enscript-comment">/*!
	@function SecTrustGetResult
	@abstract Returns detail information on the outcome of a call to SecTrustEvaluate.
	@param trustRef A reference to a trust.
	@param result A pointer to the result from the call to SecTrustEvaluate.
	@param certChain On return, a pointer to the certificate chain used to validate the input certificate.
	@param statusChain On return, a pointer to the status of the certificate chain.  Do not attempt to free this pointer; it remains valid until the trust is destroyed or the next call to SecTrustEvaluate.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustGetResult</span>(SecTrustRef trustRef, SecTrustResultType *result, CFArrayRef *certChain, CSSM_TP_APPLE_EVIDENCE_INFO **statusChain);

<span class="enscript-comment">/*!
	@function SecTrustGetCssmResult
	@abstract Gets the CSSM trust result.
	@param trust A reference to a trust.
	@param result On return, a pointer to the CSSM trust result.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustGetCssmResult</span>(SecTrustRef trust, CSSM_TP_VERIFY_CONTEXT_RESULT_PTR *result);

<span class="enscript-comment">/*!
	@function SecTrustGetTPHandle
	@abstract Gets the CSSM trust handle
	@param trust A reference to a trust.
	@param handle On return, a pointer to a CSSM trust handle.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustGetTPHandle</span>(SecTrustRef trust, CSSM_TP_HANDLE *handle);

<span class="enscript-comment">/*!
	@function SecTrustCopyAnchorCertificates
	@abstract Returns the anchor (root) certificates.
    @param anchors On return, a pointer to the anchors (roots).  This may be used with the function SecCertificateGroupVerify.  Call the CFRelease function to release this pointer.
    @result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustCopyAnchorCertificates</span>(CFArrayRef* anchors);

<span class="enscript-comment">/*!
	@function SecTrustGetCSSMAnchorCertificates
	@abstract Retrieves the CSSM anchor certificates.
	@param cssmAnchors A pointer to an array of anchor certificates.
	@param cssmAnchorCount A pointer to the number of certificates in anchors.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustGetCSSMAnchorCertificates</span>(<span class="enscript-type">const</span> CSSM_DATA **cssmAnchors, uint32 *cssmAnchorCount);

<span class="enscript-comment">/*!
	@function SecTrustGetUserTrust
	@abstract Gets the user-specified trust settings of a certificate and policy.
	@param certificate A reference to a certificate.
	@param policy A reference to a policy.
	@param trustSetting On return, a pointer to the user specified trust settings.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustGetUserTrust</span>(SecCertificateRef certificate, SecPolicyRef policy, SecTrustUserSetting *trustSetting);

<span class="enscript-comment">/*!
	@function SecTrustSetUserTrust
	@abstract Sets the user-specified trust settings of a certificate and policy.
	@param certificate A reference to a certificate.
	@param policy A reference to a policy.
	@param trustSetting The user-specified trust settings.
	@result A result code.  See &quot;Security Error Codes&quot; (SecBase.h).
*/</span>
OSStatus <span class="enscript-function-name">SecTrustSetUserTrust</span>(SecCertificateRef certificate, SecPolicyRef policy, SecTrustUserSetting trustSetting);


#<span class="enscript-reference">if</span> <span class="enscript-reference">defined</span>(<span class="enscript-variable-name">__cplusplus</span>)
}
#<span class="enscript-reference">endif</span>

#<span class="enscript-reference">endif</span> <span class="enscript-comment">/* !_SECURITY_SECTRUST_H_ */</span>
</pre>
<hr />
</body></html>