1#ifndef SENSESP_SRC_SENSESP_SIGNALK_SIGNALK_TOFU_H_
2#define SENSESP_SRC_SENSESP_SIGNALK_SIGNALK_TOFU_H_
42 bool leaf_matches_anchor,
44 bool leaf_has_identity) {
45 if (!has_leaf_anchor) {
46 const bool ca_usable = ca_present && leaf_has_identity;
TofuCaptureDecision tofu_decide_capture(bool has_leaf_anchor, bool leaf_matches_anchor, bool ca_present, bool leaf_has_identity)
TofuCaptureDecision
Capture-mode decision for TOFU certificate pinning.
@ kCaptureLeaf
first use, no usable CA in the chain: pin the leaf
@ kAccept
leaf matches the stored fingerprint; nothing to capture
@ kCaptureCa
first use, usable CA present: pin the CA
@ kReject
leaf does not match the stored fingerprint