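/*
 * Copyright (C) 2008 Martin Willi
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

/**
 * @defgroup cert_cache cert_cache
 * @{ @ingroup sets
 */

#ifndef CERT_CACHE_H_
#define CERT_CACHE_H_

#include <credentials/credential_set.h>

typedef struct cert_cache_t cert_cache_t;

/**
 * Certificate signature verification and certificate cache.
 *
 * This cache stores all certificates seen in its issued_by method
 * and serves them as untrusted through the credential set interface. Further,
 * it caches valid subject-issuer relationships to speed up the issued_by
 * method.
 *
 * Certificates handed out through the set member are untrusted: a consumer
 * has to establish trust in them itself before relying on one.
 */
struct cert_cache_t {

	/**
	 * Implements credential_set_t.
	 *
	 * Everything served through this interface is untrusted (see above).
	 */
	credential_set_t set;

	/**
	 * Caching wrapper around certificate_t.issued_by.
	 *
	 * A TRUE result states that subject was issued by issuer, nothing more.
	 * NOTE(review): this header does not say that the validity period, the
	 * revocation status or the trust of issuer are evaluated here; presumably
	 * callers check those separately - confirm against the implementation.
	 *
	 * @param subject	certificate to verify
	 * @param issuer	issuing certificate to verify subject
	 * @param scheme	receives used signature scheme and parameters, if
	 *					given (allocated); may be NULL. The object is
	 *					allocated for the caller, who presumably has to
	 *					free it - confirm. Whether it is written when
	 *					FALSE is returned is not stated here.
	 * @return			TRUE if subject issued by issuer
	 */
	bool (*issued_by)(cert_cache_t *this,
					  certificate_t *subject, certificate_t *issuer,
					  signature_params_t **scheme);

	/**
	 * Flush the certificate cache.
	 *
	 * NOTE(review): the lifetime of cached subject-issuer relations is not
	 * documented here; presumably they stay valid until flushed or evicted,
	 * so flush after a change that must invalidate earlier verification
	 * results - confirm the eviction policy in the implementation.
	 *
	 * @param type		type of certificate to flush, or CERT_ANY
	 */
	void (*flush)(cert_cache_t *this, certificate_type_t type);

	/**
	 * Destroy a cert_cache instance.
	 */
	void (*destroy)(cert_cache_t *this);
};

/**
 * Create a cert_cache instance.
 *
 * The prototype is declared with (void) so that a call passing arguments is
 * rejected at compile time instead of being accepted silently.
 *
 * @return				cert_cache instance, to be released with destroy()
 */
cert_cache_t *cert_cache_create(void);

#endif /** CERT_CACHE_H_ @}*/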