Annotation of embedaddon/strongswan/src/libstrongswan/credentials/certificates/crl.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2008 Martin Willi
! 3: * Copyright (C) 2006 Andreas Steffen
! 4: * HSR Hochschule fuer Technik Rapperswil
! 5: *
! 6: * This program is free software; you can redistribute it and/or modify it
! 7: * under the terms of the GNU General Public License as published by the
! 8: * Free Software Foundation; either version 2 of the License, or (at your
! 9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 10: *
! 11: * This program is distributed in the hope that it will be useful, but
! 12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 14: * for more details.
! 15: */
! 16:
! 17: /**
! 18: * @defgroup crl crl
! 19: * @{ @ingroup certificates
! 20: */
! 21:
! 22: #ifndef CRL_H_
! 23: #define CRL_H_
! 24:
! 25: typedef struct crl_t crl_t;
! 26: typedef enum crl_reason_t crl_reason_t;
! 27:
! 28: #include <library.h>
! 29: #include <credentials/certificates/certificate.h>
! 30:
! 31: /* <wincrypt.h> comes with CRL_REASON clashing with ours. Even if the values
! 32: * are identical, we undef them here to use our enum instead of defines. */
! 33: #ifdef WIN32
! 34: # undef CRL_REASON_UNSPECIFIED
! 35: # undef CRL_REASON_KEY_COMPROMISE
! 36: # undef CRL_REASON_CA_COMPROMISE
! 37: # undef CRL_REASON_AFFILIATION_CHANGED
! 38: # undef CRL_REASON_SUPERSEDED
! 39: # undef CRL_REASON_CERTIFICATE_HOLD
! 40: # undef CRL_REASON_REMOVE_FROM_CRL
! 41: #endif
! 42:
! 43: /**
! 44: * RFC 2459 CRL reason codes
! 45: */
! 46: enum crl_reason_t {
! 47: CRL_REASON_UNSPECIFIED = 0,
! 48: CRL_REASON_KEY_COMPROMISE = 1,
! 49: CRL_REASON_CA_COMPROMISE = 2,
! 50: CRL_REASON_AFFILIATION_CHANGED = 3,
! 51: CRL_REASON_SUPERSEDED = 4,
! 52: CRL_REASON_CESSATION_OF_OPERATON = 5,
! 53: CRL_REASON_CERTIFICATE_HOLD = 6,
! 54: CRL_REASON_REMOVE_FROM_CRL = 8,
! 55: };
! 56:
! 57: /**
! 58: * enum names for crl_reason_t
! 59: */
! 60: extern enum_name_t *crl_reason_names;
! 61:
! 62: /**
! 63: * X509 certificate revocation list (CRL) interface definition.
! 64: */
! 65: struct crl_t {
! 66:
! 67: /**
! 68: * Implements (parts of) the certificate_t interface
! 69: */
! 70: certificate_t certificate;
! 71:
! 72: /**
! 73: * Get the CRL serial number.
! 74: *
! 75: * @return chunk pointing to internal crlNumber
! 76: */
! 77: chunk_t (*get_serial)(crl_t *this);
! 78:
! 79: /**
! 80: * Get the the authorityKeyIdentifier.
! 81: *
! 82: * @return authKeyIdentifier chunk, point to internal data
! 83: */
! 84: chunk_t (*get_authKeyIdentifier)(crl_t *this);
! 85:
! 86: /**
! 87: * Is this CRL a delta CRL?
! 88: *
! 89: * @param base_crl gets to baseCrlNumber, if this is a delta CRL
! 90: * @return TRUE if delta CRL
! 91: */
! 92: bool (*is_delta_crl)(crl_t *this, chunk_t *base_crl);
! 93:
! 94: /**
! 95: * Create an enumerator over Freshest CRL distribution points and issuers.
! 96: *
! 97: * @return enumerator over x509_cdp_t
! 98: */
! 99: enumerator_t* (*create_delta_crl_uri_enumerator)(crl_t *this);
! 100:
! 101: /**
! 102: * Create an enumerator over all revoked certificates.
! 103: *
! 104: * The enumerator takes 3 pointer arguments:
! 105: * chunk_t serial, time_t revocation_date, crl_reason_t reason
! 106: *
! 107: * @return enumerator over revoked certificates.
! 108: */
! 109: enumerator_t* (*create_enumerator)(crl_t *this);
! 110: };
! 111:
! 112: /**
! 113: * Generic check if a given CRL is newer than another.
! 114: *
! 115: * @param crl CRL
! 116: * @param other CRL to compare to
! 117: * @return TRUE if this newer than other
! 118: */
! 119: bool crl_is_newer(crl_t *crl, crl_t *other);
! 120:
! 121: #endif /** CRL_H_ @}*/
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>