Rich Salz | 99d63d4 | 2016-10-26 13:56:48 -0400 | [diff] [blame] | 1 | =pod |
| 2 | |
| 3 | =head1 NAME |
| 4 | |
| 5 | ct - Certificate Transparency |
| 6 | |
| 7 | =head1 SYNOPSIS |
| 8 | |
| 9 | #include <openssl/ct.h> |
| 10 | |
| 11 | =head1 DESCRIPTION |
| 12 | |
| 13 | This library implements Certificate Transparency (CT) verification for TLS |
| 14 | clients, as defined in RFC 6962. This verification can provide some confidence |
| 15 | that a certificate has been publicly logged in a set of CT logs. |
| 16 | |
| 17 | By default, these checks are disabled. They can be enabled using |
Christian Heimes | 6f8b858 | 2018-12-17 22:56:17 +0100 | [diff] [blame] | 18 | L<SSL_CTX_enable_ct(3)> or L<SSL_enable_ct(3)>. |
Rich Salz | 99d63d4 | 2016-10-26 13:56:48 -0400 | [diff] [blame] | 19 | |
| 20 | This library can also be used to parse and examine CT data structures, such as |
| 21 | Signed Certificate Timestamps (SCTs), or to read a list of CT logs. There are |
| 22 | functions for: |
| 23 | - decoding and encoding SCTs in DER and TLS wire format. |
| 24 | - printing SCTs. |
| 25 | - verifying the authenticity of SCTs. |
| 26 | - loading a CT log list from a CONF file. |
| 27 | |
| 28 | =head1 SEE ALSO |
| 29 | |
| 30 | L<d2i_SCT_LIST(3)>, |
| 31 | L<CTLOG_STORE_new(3)>, |
| 32 | L<CTLOG_STORE_get0_log_by_id(3)>, |
| 33 | L<SCT_new(3)>, |
| 34 | L<SCT_print(3)>, |
Rich Salz | 99d63d4 | 2016-10-26 13:56:48 -0400 | [diff] [blame] | 35 | L<SCT_validate(3)>, |
Rich Salz | 9e183d2 | 2017-03-11 08:56:44 -0500 | [diff] [blame] | 36 | L<SCT_validate(3)>, |
| 37 | L<CT_POLICY_EVAL_CTX_new(3)>, |
Rich Salz | 99d63d4 | 2016-10-26 13:56:48 -0400 | [diff] [blame] | 38 | L<SSL_CTX_set_ct_validation_callback(3)> |
| 39 | |
| 40 | =head1 HISTORY |
| 41 | |
Dr. Matthias St. Pierre | fc5ecad | 2018-12-09 01:02:36 +0100 | [diff] [blame] | 42 | The ct library was added in OpenSSL 1.1.0. |
Rich Salz | 99d63d4 | 2016-10-26 13:56:48 -0400 | [diff] [blame] | 43 | |
| 44 | =head1 COPYRIGHT |
| 45 | |
Rich Salz | 9e183d2 | 2017-03-11 08:56:44 -0500 | [diff] [blame] | 46 | Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. |
Rich Salz | 99d63d4 | 2016-10-26 13:56:48 -0400 | [diff] [blame] | 47 | |
Richard Levitte | 3187791 | 2018-12-06 14:05:22 +0100 | [diff] [blame] | 48 | Licensed under the Apache License 2.0 (the "License"). You may not use |
Rich Salz | 99d63d4 | 2016-10-26 13:56:48 -0400 | [diff] [blame] | 49 | this file except in compliance with the License. You can obtain a copy |
| 50 | in the file LICENSE in the source distribution or at |
| 51 | L<https://www.openssl.org/source/license.html>. |
| 52 | |
| 53 | =cut |