Annotation of embedaddon/strongswan/src/libstrongswan/credentials/certificates/ocsp_response.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2019 Tobias Brunner
3: * Copyright (C) 2008 Martin Willi
4: * HSR Hochschule fuer Technik Rapperswil
5: *
6: * This program is free software; you can redistribute it and/or modify it
7: * under the terms of the GNU General Public License as published by the
8: * Free Software Foundation; either version 2 of the License, or (at your
9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10: *
11: * This program is distributed in the hope that it will be useful, but
12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14: * for more details.
15: */
16:
17: /**
18: * @defgroup ocsp_response ocsp_response
19: * @{ @ingroup certificates
20: */
21:
22: #ifndef OCSP_RESPONSE_H_
23: #define OCSP_RESPONSE_H_
24:
25: #include <credentials/certificates/x509.h>
26: #include <credentials/certificates/crl.h>
27:
28: typedef struct ocsp_response_t ocsp_response_t;
29: typedef enum ocsp_status_t ocsp_status_t;
30:
31: /**
32: * OCSP response status
33: */
34: enum ocsp_status_t {
35: OCSP_SUCCESSFUL = 0,
36: OCSP_MALFORMEDREQUEST = 1,
37: OCSP_INTERNALERROR = 2,
38: OCSP_TRYLATER = 3,
39: OCSP_SIGREQUIRED = 5,
40: OCSP_UNAUTHORIZED = 6,
41: };
42:
43: /**
44: * enum names for ocsp_status_t
45: */
46: extern enum_name_t *ocsp_status_names;
47:
48: /**
49: * OCSP response message.
50: */
51: struct ocsp_response_t {
52:
53: /**
54: * Implements certificate_t interface
55: */
56: certificate_t certificate;
57:
58: /**
59: * Get the nonce received with this OCSP response.
60: *
61: * @return nonce in the response (internal data)
62: */
63: chunk_t (*get_nonce)(ocsp_response_t *this);
64:
65: /**
66: * Check the status of a certificate by this OCSP response.
67: *
68: * @param subject certificate to check status
69: * @param issuer issuer certificate of subject
70: * @param revocation_time receives time of revocation, if revoked
71: * @param revocation_reason receives reason of revocation, if revoked
72: * @param this_update creation time of revocation list
73: * @param next_update expected time of next revocation list
74: * @return certificate revocation status
75: */
76: cert_validation_t (*get_status)(ocsp_response_t *this,
77: x509_t *subject, x509_t *issuer,
78: time_t *revocation_time,
79: crl_reason_t *revocation_reason,
80: time_t *this_update, time_t *next_update);
81:
82: /**
83: * Create an enumerator over the contained certificates.
84: *
85: * @return enumerator over certificate_t*
86: */
87: enumerator_t* (*create_cert_enumerator)(ocsp_response_t *this);
88:
89: /**
90: * Create an enumerator over the contained responses.
91: *
92: * @return enumerator over major response fields
93: */
94: enumerator_t* (*create_response_enumerator)(ocsp_response_t *this);
95: };
96:
97: #endif /** OCSP_RESPONSE_H_ @}*/
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>