Struct SecPolicy

Source

pub struct SecPolicy { /* private fields */ }

Available on crate feature SecBase only.

Expand description

CFType representing a X.509 certificate trust policy. See SecPolicy.h for details.

Implementations§

Source §

impl SecPolicy

Source

pub unsafe fn properties(&self) -> Option<CFRetained<CFDictionary>>

Available on crate feature SecPolicy only.

Returns a dictionary of this policy’s properties.

Parameter policyRef: A policy reference.

Returns: A properties dictionary. See “Policy Value Constants” for a list of currently defined property keys. It is the caller’s responsibility to CFRelease this reference when it is no longer needed.

Returns: A result code. See “Security Error Codes” (SecBase.h).

This function returns the properties for a policy, as set by the policy’s construction function or by a prior call to SecPolicySetProperties.

Source

pub unsafe fn new_basic_x509() -> CFRetained<SecPolicy>

Available on crate feature SecPolicy only.

Returns a policy object for the default X.509 policy.

Returns: A policy object. The caller is responsible for calling CFRelease on this when it is no longer needed.

Source

pub unsafe fn new_ssl( server: bool, hostname: Option<&CFString>, ) -> CFRetained<SecPolicy>

Available on crate feature SecPolicy only.

Returns a policy object for evaluating SSL certificate chains.

Parameter server: Passing true for this parameter creates a policy for SSL server certificates.

Parameter hostname: (Optional) If present, the policy will require the specified hostname to match the hostname in the leaf certificate.

Returns: A policy object. The caller is responsible for calling CFRelease on this when it is no longer needed.

Source §

impl SecPolicy

Source

pub unsafe fn new_revocation( revocation_flags: CFOptionFlags, ) -> Option<CFRetained<SecPolicy>>

Available on crate feature SecPolicy only.

Returns a policy object for checking revocation of certificates.

Returns: A policy object. The caller is responsible for calling CFRelease on this when it is no longer needed.

Parameter revocationFlags: Flags to specify revocation checking options.

Use this function to create a revocation policy with behavior specified by revocationFlags. See the “Revocation Policy Constants” section for a description of these flags. Note: it is usually not necessary to create a revocation policy yourself unless you wish to override default system behavior (e.g. to force a particular method, or to disable revocation checking entirely.)

Source

pub unsafe fn with_properties( policy_identifier: &CFType, properties: Option<&CFDictionary>, ) -> Option<CFRetained<SecPolicy>>

Available on crate feature SecPolicy only.

Returns a policy object based on an object identifier for the policy type. See the “Policy Constants” section for a list of defined policy object identifiers.

Parameter policyIdentifier: The identifier for the desired policy type.

Parameter properties: (Optional) A properties dictionary. See “Policy Value Constants” for a list of currently defined property keys.

Returns: The returned policy reference, or NULL if the policy could not be created.

§Safety

policy_identifier should be of the correct type.
properties generics must be of the correct type.

Source §

impl SecPolicy

Source

pub unsafe fn with_oid(policy_oid: &CFType) -> Option<CFRetained<SecPolicy>>

👎Deprecated

Available on crate feature SecPolicy only.

Returns a policy object based on an object identifier for the policy type. See the “Policy Constants” section for a list of defined policy object identifiers.

Parameter policyOID: The OID of the desired policy.

Returns: The returned policy reference, or NULL if the policy could not be created.

This function is deprecated in Mac OS X 10.9 and later; use SecPolicyCreateWithProperties (or a more specific policy creation function) instead.

§Safety

policy_oid should be of the correct type.

Source

pub unsafe fn oid(&self, oid: NonNull<SecAsn1Oid>) -> i32

👎Deprecated

Available on crate features SecPolicy and SecAsn1Types only.

Returns a policy’s object identifier.

Parameter policyRef: A policy reference.

Parameter oid: On return, a pointer to the policy’s object identifier.

Returns: A result code. See “Security Error Codes” (SecBase.h).

This function is deprecated in Mac OS X 10.7 and later; use SecPolicyCopyProperties instead.

§Safety

oid must be a valid pointer.

Source

pub unsafe fn value(&self, value: NonNull<SecAsn1Item>) -> i32

👎Deprecated

Available on crate features SecPolicy and SecAsn1Types only.

Returns a policy’s value.

Parameter policyRef: A policy reference.

Parameter value: On return, a pointer to the policy’s value.

Returns: A result code. See “Security Error Codes” (SecBase.h).

This function is deprecated in Mac OS X 10.7 and later; use SecPolicyCopyProperties instead.

§Safety

value must be a valid pointer.

Source

pub unsafe fn set_value(&self, value: NonNull<SecAsn1Item>) -> i32

👎Deprecated

Available on crate features SecPolicy and SecAsn1Types only.

Sets a policy’s value.

Parameter policyRef: A policy reference.

Parameter value: The value to be set into the policy object, replacing any previous value.

Returns: A result code. See “Security Error Codes” (SecBase.h).

This function is deprecated in Mac OS X 10.7 and later. Policy instances should be considered read-only; in cases where your code would consider changing properties of a policy, it should instead create a new policy instance with the desired properties.

§Safety

value must be a valid pointer.

Source

pub unsafe fn set_properties(&self, properties: &CFDictionary) -> i32

👎Deprecated

Available on crate feature SecPolicy only.

Sets a policy’s properties.

Parameter policyRef: A policy reference.

Parameter properties: A properties dictionary. See “Policy Value Constants” for a list of currently defined property keys. This dictionary replaces the policy’s existing properties, if any. Note that the policy OID (specified by kSecPolicyOid) is a read-only property of the policy and cannot be set.

Returns: A result code. See “Security Error Codes” (SecBase.h).

This function is deprecated in Mac OS X 10.9 and later. Policy instances should be considered read-only; in cases where your code would consider changing properties of a policy, it should instead create a new policy instance with the desired properties.

§Safety

properties generics must be of the correct type.

Source

pub unsafe fn tp_handle(&self, tp_handle: NonNull<CSSM_TP_HANDLE>) -> i32

👎Deprecated

Available on crate features SecPolicy and cssmconfig and cssmtype only.

Returns the CSSM trust policy handle for the given policy.

Parameter policyRef: A policy reference.

Parameter tpHandle: On return, a pointer to a value of type CSSM_TP_HANDLE.

Returns: A result code. See “Security Error Codes” (SecBase.h).

This function is deprecated in Mac OS X 10.7 and later.

§Safety

tp_handle must be a valid pointer.

Methods from Deref<Target = CFType>§

Source

pub fn downcast_ref<T>(&self) -> Option<&T>
where T: ConcreteType,

Available on crate feature SecCustomTransform only.

Attempt to downcast the type to that of type T.

This is the reference-variant. Use CFRetained::downcast if you want to convert a retained type. See also ConcreteType for more details on which types support being converted to.

Source

pub fn retain_count(&self) -> usize

Available on crate feature SecCustomTransform only.

Get the reference count of the object.

This function may be useful for debugging. You normally do not use this function otherwise.

Beware that some things (like CFNumbers, small CFStrings etc.) may not have a normal retain count for optimization purposes, and can return usize::MAX in that case.