blob: ca2a43e429d2bac05116209b057e1dc63d3a7d92 [file] [log] [blame]
Rich Salz99d63d42016-10-26 13:56:48 -04001=pod
2
3=head1 NAME
4
5ct - Certificate Transparency
6
7=head1 SYNOPSIS
8
9 #include <openssl/ct.h>
10
11=head1 DESCRIPTION
12
13This library implements Certificate Transparency (CT) verification for TLS
14clients, as defined in RFC 6962. This verification can provide some confidence
15that a certificate has been publicly logged in a set of CT logs.
16
17By default, these checks are disabled. They can be enabled using
Christian Heimes6f8b8582018-12-17 22:56:17 +010018L<SSL_CTX_enable_ct(3)> or L<SSL_enable_ct(3)>.
Rich Salz99d63d42016-10-26 13:56:48 -040019
20This library can also be used to parse and examine CT data structures, such as
21Signed Certificate Timestamps (SCTs), or to read a list of CT logs. There are
22functions for:
23- decoding and encoding SCTs in DER and TLS wire format.
24- printing SCTs.
25- verifying the authenticity of SCTs.
26- loading a CT log list from a CONF file.
27
28=head1 SEE ALSO
29
30L<d2i_SCT_LIST(3)>,
31L<CTLOG_STORE_new(3)>,
32L<CTLOG_STORE_get0_log_by_id(3)>,
33L<SCT_new(3)>,
34L<SCT_print(3)>,
Rich Salz99d63d42016-10-26 13:56:48 -040035L<SCT_validate(3)>,
Rich Salz9e183d22017-03-11 08:56:44 -050036L<SCT_validate(3)>,
37L<CT_POLICY_EVAL_CTX_new(3)>,
Rich Salz99d63d42016-10-26 13:56:48 -040038L<SSL_CTX_set_ct_validation_callback(3)>
39
40=head1 HISTORY
41
Dr. Matthias St. Pierrefc5ecad2018-12-09 01:02:36 +010042The ct library was added in OpenSSL 1.1.0.
Rich Salz99d63d42016-10-26 13:56:48 -040043
44=head1 COPYRIGHT
45
Rich Salz9e183d22017-03-11 08:56:44 -050046Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
Rich Salz99d63d42016-10-26 13:56:48 -040047
Richard Levitte31877912018-12-06 14:05:22 +010048Licensed under the Apache License 2.0 (the "License"). You may not use
Rich Salz99d63d42016-10-26 13:56:48 -040049this file except in compliance with the License. You can obtain a copy
50in the file LICENSE in the source distribution or at
51L<https://www.openssl.org/source/license.html>.
52
53=cut