Internalizes SCT_verify and removes SCT_verify_v1

[openssl.git] / crypto / ct / ct_locl.h

diff --git a/crypto/ct/ct_locl.h b/crypto/ct/ct_locl.h
index e3ef4b749408e6bacf5bea3aa2a31d87416a8416..6b2fa3ef0c818257e350575ae133ca04f2500e4d 100644 (file)
--- a/crypto/ct/ct_locl.h
+++ b/crypto/ct/ct_locl.h
@@ -150,6 +150,13 @@ __owur int SCT_CTX_set1_issuer_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey);
  */
 __owur int SCT_CTX_set1_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey);
 
+/*
+ * Verifies an SCT with the given context.
+ * Returns 1 if the SCT verifies successfully; any other value indicates
+ * failure. See EVP_DigestVerifyFinal() for the meaning of those values.
+ */
+__owur int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct);
+
 /*
  * Does this SCT have the minimum fields populated to be usable?
  * Returns 1 if so, 0 otherwise.
@@ -168,4 +175,4 @@ __owur int SCT_signature_is_complete(const SCT *sct);
 /*
  * Handlers for Certificate Transparency X509v3/OCSP extensions
  */
-extern const X509V3_EXT_METHOD v3_ct_scts[];
+extern const X509V3_EXT_METHOD v3_ct_scts[3];