Annotation of embedaddon/strongswan/src/libstrongswan/credentials/certificates/crl.h, revision 1.1.1.1

1.1       misho       1: /*
                      2:  * Copyright (C) 2008 Martin Willi
                      3:  * Copyright (C) 2006 Andreas Steffen
                      4:  * HSR Hochschule fuer Technik Rapperswil
                      5:  *
                      6:  * This program is free software; you can redistribute it and/or modify it
                      7:  * under the terms of the GNU General Public License as published by the
                      8:  * Free Software Foundation; either version 2 of the License, or (at your
                      9:  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
                     10:  *
                     11:  * This program is distributed in the hope that it will be useful, but
                     12:  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
                     13:  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
                     14:  * for more details.
                     15:  */
                     16: 
                     17: /**
                     18:  * @defgroup crl crl
                     19:  * @{ @ingroup certificates
                     20:  */
                     21: 
                     22: #ifndef CRL_H_
                     23: #define CRL_H_
                     24: 
                     25: typedef struct crl_t crl_t;
                     26: typedef enum crl_reason_t crl_reason_t;
                     27: 
                     28: #include <library.h>
                     29: #include <credentials/certificates/certificate.h>
                     30: 
                     31: /* <wincrypt.h> comes with CRL_REASON clashing with ours. Even if the values
                     32:  * are identical, we undef them here to use our enum instead of defines. */
                     33: #ifdef WIN32
                     34: # undef CRL_REASON_UNSPECIFIED
                     35: # undef CRL_REASON_KEY_COMPROMISE
                     36: # undef CRL_REASON_CA_COMPROMISE
                     37: # undef CRL_REASON_AFFILIATION_CHANGED
                     38: # undef CRL_REASON_SUPERSEDED
                     39: # undef CRL_REASON_CERTIFICATE_HOLD
                     40: # undef CRL_REASON_REMOVE_FROM_CRL
                     41: #endif
                     42: 
                     43: /**
                     44:  * CRL reason codes as numbered in RFC 2459 (value 7 has no enumerator here).
                     45:  */
                     46: enum crl_reason_t {
                     47:        CRL_REASON_UNSPECIFIED                          = 0,
                     48:        CRL_REASON_KEY_COMPROMISE                       = 1,
                     49:        CRL_REASON_CA_COMPROMISE                        = 2,
                     50:        CRL_REASON_AFFILIATION_CHANGED          = 3,
                     51:        CRL_REASON_SUPERSEDED                           = 4,
                     52:        CRL_REASON_CESSATION_OF_OPERATON        = 5, /* sic: spelled "OPERATON" in this identifier */
                     53:        CRL_REASON_CERTIFICATE_HOLD                     = 6,
                     54:        CRL_REASON_REMOVE_FROM_CRL                      = 8, /* NOTE(review): RFC 5280 also defines 9 and 10; a reason parsed from a CRL may match no enumerator */
                     55: };
                     56: 
                     57: /**
                     58:  * Enum name table for crl_reason_t; only declared here (extern), defined elsewhere.
                     59:  */
                     60: extern enum_name_t *crl_reason_names;
                     61: 
                     62: /**
                     63:  * X.509 certificate revocation list (CRL) interface: a certificate_t plus CRL-specific function pointers.
                     64:  */
                     65: struct crl_t {
                     66: 
                     67:        /**
                     68:         * Implements (parts of) the certificate_t interface; embedded as the first member.
                     69:         */
                     70:        certificate_t certificate;
                     71: 
                     72:        /**
                     73:         * Get the CRL serial number.
                     74:         * NOTE(review): the result refers to internal data, so presumably it must not be freed or outlive the CRL - confirm.
                     75:         * @return                      chunk pointing to internal crlNumber
                     76:         */
                     77:        chunk_t (*get_serial)(crl_t *this);
                     78: 
                     79:        /**
                     80:         * Get the authorityKeyIdentifier.
                     81:         *
                     82:         * @return                      authKeyIdentifier chunk, pointing to internal data
                     83:         */
                     84:        chunk_t (*get_authKeyIdentifier)(crl_t *this);
                     85: 
                     86:        /**
                     87:         * Is this CRL a delta CRL?
                     88:         *
                     89:         * @param base_crl      gets set to baseCrlNumber, if this is a delta CRL
                     90:         * @return                      TRUE if delta CRL
                     91:         */
                     92:        bool (*is_delta_crl)(crl_t *this, chunk_t *base_crl);
                     93: 
                     94:        /**
                     95:         * Create an enumerator over Freshest CRL distribution points and issuers.
                     96:         *
                     97:         * @return                      enumerator over x509_cdp_t
                     98:         */
                     99:        enumerator_t* (*create_delta_crl_uri_enumerator)(crl_t *this);
                    100: 
                    101:        /**
                    102:         * Create an enumerator over all revoked certificates.
                    103:         *
                    104:         * The enumerator takes 3 pointer arguments (each item below is passed as a pointer):
                    105:         * chunk_t serial, time_t revocation_date, crl_reason_t reason
                    106:         * NOTE(review): reason presumably reflects the parsed CRL entry and may match no crl_reason_t enumerator - confirm.
                    107:         * @return                      enumerator over revoked certificates.
                    108:         */
                    109:        enumerator_t* (*create_enumerator)(crl_t *this);
                    110: };
                    111: 
                    112: /**
                    113:  * Generic check if a given CRL is newer than another.
                    114:  * NOTE(review): the criterion used (e.g. crlNumber or update time) is not visible in this header - confirm in the implementation.
                    115:  * @param crl                  CRL
                    116:  * @param other                        CRL to compare to
                    117:  * @return                             TRUE if crl is newer than other
                    118:  */
                    119: bool crl_is_newer(crl_t *crl, crl_t *other);
                    120: 
                    121: #endif /** CRL_H_ @}*/
