Return to ocsp_response.h CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libstrongswan / credentials / certificates |
1.1 misho 1: /* 2: * Copyright (C) 2019 Tobias Brunner 3: * Copyright (C) 2008 Martin Willi 4: * HSR Hochschule fuer Technik Rapperswil 5: * 6: * This program is free software; you can redistribute it and/or modify it 7: * under the terms of the GNU General Public License as published by the 8: * Free Software Foundation; either version 2 of the License, or (at your 9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. 10: * 11: * This program is distributed in the hope that it will be useful, but 12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14: * for more details. 15: */ 16: 17: /** 18: * @defgroup ocsp_response ocsp_response 19: * @{ @ingroup certificates 20: */ 21: 22: #ifndef OCSP_RESPONSE_H_ 23: #define OCSP_RESPONSE_H_ 24: 25: #include <credentials/certificates/x509.h> 26: #include <credentials/certificates/crl.h> 27: 28: typedef struct ocsp_response_t ocsp_response_t; 29: typedef enum ocsp_status_t ocsp_status_t; 30: 31: /** 32: * OCSP response status 33: */ 34: enum ocsp_status_t { 35: OCSP_SUCCESSFUL = 0, 36: OCSP_MALFORMEDREQUEST = 1, 37: OCSP_INTERNALERROR = 2, 38: OCSP_TRYLATER = 3, 39: OCSP_SIGREQUIRED = 5, 40: OCSP_UNAUTHORIZED = 6, 41: }; 42: 43: /** 44: * enum names for ocsp_status_t 45: */ 46: extern enum_name_t *ocsp_status_names; 47: 48: /** 49: * OCSP response message. 50: */ 51: struct ocsp_response_t { 52: 53: /** 54: * Implements certificate_t interface 55: */ 56: certificate_t certificate; 57: 58: /** 59: * Get the nonce received with this OCSP response. 60: * 61: * @return nonce in the response (internal data) 62: */ 63: chunk_t (*get_nonce)(ocsp_response_t *this); 64: 65: /** 66: * Check the status of a certificate by this OCSP response. 67: * 68: * @param subject certificate to check status 69: * @param issuer issuer certificate of subject 70: * @param revocation_time receives time of revocation, if revoked 71: * @param revocation_reason receives reason of revocation, if revoked 72: * @param this_update creation time of revocation list 73: * @param next_update expected time of next revocation list 74: * @return certificate revocation status 75: */ 76: cert_validation_t (*get_status)(ocsp_response_t *this, 77: x509_t *subject, x509_t *issuer, 78: time_t *revocation_time, 79: crl_reason_t *revocation_reason, 80: time_t *this_update, time_t *next_update); 81: 82: /** 83: * Create an enumerator over the contained certificates. 84: * 85: * @return enumerator over certificate_t* 86: */ 87: enumerator_t* (*create_cert_enumerator)(ocsp_response_t *this); 88: 89: /** 90: * Create an enumerator over the contained responses. 91: * 92: * @return enumerator over major response fields 93: */ 94: enumerator_t* (*create_response_enumerator)(ocsp_response_t *this); 95: }; 96: 97: #endif /** OCSP_RESPONSE_H_ @}*/