// Source: github.com/shogo82148/std@v1.22.1-0.20240327122250-4e474527810c/crypto/x509/internal/macos/security.go

// Copyright 2020 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

//go:build darwin

package macOS

import (
	"github.com/shogo82148/std/errors"
)

// SecTrustSettingsResult is the int32 code for the trust decision recorded
// in a certificate's trust settings.
//
// NOTE(review): the names appear to mirror the kSecTrustSettingsResult*
// values of the macOS Security framework; confirm the numbering against the
// framework headers before relying on it.
type SecTrustSettingsResult int32

const (
	// SecTrustSettingsResultInvalid is the zero value (0).
	SecTrustSettingsResultInvalid SecTrustSettingsResult = iota
	// SecTrustSettingsResultTrustRoot has value 1.
	SecTrustSettingsResultTrustRoot
	// SecTrustSettingsResultTrustAsRoot has value 2.
	SecTrustSettingsResultTrustAsRoot
	// SecTrustSettingsResultDeny has value 3.
	SecTrustSettingsResultDeny
	// SecTrustSettingsResultUnspecified has value 4.
	// NOTE(review): presumably "no explicit decision", which a caller should
	// not read as "trusted" — confirm against the callers.
	SecTrustSettingsResultUnspecified
)

// SecTrustResultType is the int32 code for the outcome of a trust
// evaluation.
//
// NOTE(review): the names appear to mirror the kSecTrustResult* values of
// the Security framework. In Apple's documentation only Proceed and
// Unspecified indicate a trusted chain — confirm before treating any other
// value as success.
type SecTrustResultType int32

const (
	// SecTrustResultInvalid is the zero value (0).
	SecTrustResultInvalid SecTrustResultType = iota
	// SecTrustResultProceed has value 1.
	SecTrustResultProceed
	// SecTrustResultConfirm has value 2.
	SecTrustResultConfirm
	// SecTrustResultDeny has value 3.
	SecTrustResultDeny
	// SecTrustResultUnspecified has value 4.
	SecTrustResultUnspecified
	// SecTrustResultRecoverableTrustFailure has value 5.
	SecTrustResultRecoverableTrustFailure
	// SecTrustResultFatalTrustFailure has value 6.
	SecTrustResultFatalTrustFailure
	// SecTrustResultOtherError has value 7.
	SecTrustResultOtherError
)

// SecTrustSettingsDomain selects which trust-settings domain is queried by
// SecTrustSettingsCopyCertificates and SecTrustSettingsCopyTrustSettings.
type SecTrustSettingsDomain int32

const (
	// SecTrustSettingsDomainUser has value 0.
	SecTrustSettingsDomainUser SecTrustSettingsDomain = iota
	// SecTrustSettingsDomainAdmin has value 1.
	SecTrustSettingsDomainAdmin
	// SecTrustSettingsDomainSystem has value 2.
	SecTrustSettingsDomainSystem
)

const (
	// Various macOS error codes that can be returned from
	// SecTrustEvaluateWithError and that can be mapped to Go certificate
	// verification error types. They are untyped integer constants, so they
	// compare directly with the int that SecTrustEvaluateWithError returns.
	ErrSecCertificateExpired = -67818
	ErrSecHostNameMismatch   = -67602
	ErrSecNotTrusted         = -67843
)

// OSStatus records a status code together with the name of the call it
// belongs to. Its Error method makes it usable as an error value.
type OSStatus struct {
	call   string // presumably the name of the framework function that failed — confirm
	status int32  // presumably the raw OSStatus code returned by that function — confirm
}

// Error implements the error interface for OSStatus. No body is present in
// this listing, so the message format cannot be documented from here.
func (s OSStatus) Error() string

// The CFString values below are built at package initialization by
// StringToCFString, which is defined outside this listing.
// NOTE(review): they look like the dictionary keys and policy OID used when
// reading trust settings — confirm against the code that consumes them.
var SecTrustSettingsResultKey = StringToCFString("kSecTrustSettingsResult")
var SecTrustSettingsPolicy = StringToCFString("kSecTrustSettingsPolicy")
var SecTrustSettingsPolicyString = StringToCFString("kSecTrustSettingsPolicyString")
var SecPolicyOid = StringToCFString("SecPolicyOid")
var SecPolicyAppleSSL = StringToCFString("1.2.840.113635.100.1.3")

// ErrNoTrustSettings is a sentinel error with the message "no trust settings
// found"; compare against it with errors.Is.
// NOTE(review): presumably returned by SecTrustSettingsCopyTrustSettings when
// a certificate has no settings in the requested domain — confirm. A caller
// should not treat the absence of settings as an explicit trust decision.
var ErrNoTrustSettings = errors.New("no trust settings found")

// The functions below are declared without bodies in this listing; their
// implementations are not visible here. Each presumably wraps the Security
// framework function of the same name — confirm against the implementation.
// NOTE(review): whether a returned CFRef must be released by the caller
// cannot be told from this listing.

// SecTrustSettingsCopyCertificates takes a trust-settings domain and returns
// a CFRef (named certArray) and an error.
func SecTrustSettingsCopyCertificates(domain SecTrustSettingsDomain) (certArray CFRef, err error)

// SecTrustSettingsCopyTrustSettings takes a certificate reference and a
// domain and returns a CFRef (named trustSettings) and an error.
func SecTrustSettingsCopyTrustSettings(cert CFRef, domain SecTrustSettingsDomain) (trustSettings CFRef, err error)

// SecTrustCreateWithCertificates takes references to certificates and
// policies and returns a CFRef, presumably the trust object that the
// SecTrust* functions below take as trustObj — confirm.
func SecTrustCreateWithCertificates(certs CFRef, policies CFRef) (CFRef, error)

// SecCertificateCreateWithData takes the bytes of a certificate and returns
// a CFRef for it.
// NOTE(review): presumably b must be a DER encoding — confirm.
func SecCertificateCreateWithData(b []byte) (CFRef, error)

// SecPolicyCreateSSL takes a name and returns a CFRef for a policy.
// NOTE(review): name is presumably the host name to match, and an empty name
// may disable host name checking — confirm.
func SecPolicyCreateSSL(name string) (CFRef, error)

// SecTrustSetVerifyDate takes a trust object and a date reference and
// reports failure through the returned error.
func SecTrustSetVerifyDate(trustObj CFRef, dateRef CFRef) error

// SecTrustEvaluate takes a trust object and returns a CFRef and an error.
func SecTrustEvaluate(trustObj CFRef) (CFRef, error)

// SecTrustGetResult takes a trust object and a result reference and returns
// two CFRef values and an error.
func SecTrustGetResult(trustObj CFRef, result CFRef) (CFRef, CFRef, error)

// SecTrustEvaluateWithError takes a trust object and returns an int and an
// error.
// NOTE(review): the int is presumably the framework error code to compare
// with the ErrSec* constants above. Treat any non-nil error as a failed
// verification, whatever the code is.
func SecTrustEvaluateWithError(trustObj CFRef) (int, error)

// SecTrustGetCertificateCount takes a trust object and returns an int,
// presumably the number of certificates in its chain.
func SecTrustGetCertificateCount(trustObj CFRef) int

// SecTrustGetCertificateAtIndex takes a trust object and an index and
// returns a CFRef and an error.
// NOTE(review): i is presumably expected to be at least 0 and below the
// value from SecTrustGetCertificateCount — confirm that the implementation
// rejects other values.
func SecTrustGetCertificateAtIndex(trustObj CFRef, i int) (CFRef, error)

// SecCertificateCopyData takes a certificate reference and returns its bytes
// and an error.
func SecCertificateCopyData(cert CFRef) ([]byte, error)