blob: 5968534898e0730138f43394b21ada20b41e3c6e [file] [log] [blame]
// Copyright (c) 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_CERT_KNOWN_ROOTS_MAC_H_
#define NET_CERT_KNOWN_ROOTS_MAC_H_
#include <Security/Security.h>
#include "starboard/types.h"
namespace net {
// IsKnownRoot returns true if the given certificate is one that we believe
// is a standard (as opposed to user-installed) root.
//
// NOTE: The first call will lazily initialize the known roots, which requires
// holding crypto::GetMacSecurityServicesLock(). Callers must therefore either
// acquire that lock prior to calling this, or eagerly initialize beforehand
// using InitializeKnownRoots().
bool IsKnownRoot(SecCertificateRef cert);
// Calling this is optional as initialization will otherwise be done lazily when
// calling IsKnownRoot(). When calling this, the current thread must NOT already
// be holding/ crypto::GetMacSecurityServicesLock().
void InitializeKnownRoots();
} // namespace net
#endif // NET_CERT_KNOWN_ROOTS_MAC_H_