updated x509/CRL/AC API to align with public key, authKeyIdentifier is a chunk
[strongswan.git] / src / libstrongswan / credentials / certificates / crl.h
1 /*
2 * Copyright (C) 2008 Martin Willi
3 * Copyright (C) 2006 Andreas Steffen
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 /**
18 * @defgroup crl crl
19 * @{ @ingroup certificates
20 */
21
22 #ifndef CRL_H_
23 #define CRL_H_
24
25 typedef struct crl_t crl_t; /* forward declaration; struct crl_t is defined further down in this header */
26 typedef enum crl_reason_t crl_reason_t; /* forward declaration; enum crl_reason_t is defined further down in this header */
27
28 #include <library.h>
29 #include <credentials/certificates/certificate.h>
30
31 /**
32 * RFC 2459 CRL reason codes
33 */
34 enum crl_reason_t {
   /* Every constant carries an explicit numeric value; 7 is skipped between
    * CRL_CERTIFICATE_HOLD (6) and CRL_REMOVE_FROM_CRL (8).
    *
    * NOTE(review): a CRL comes from outside the process, so a reason field
    * may hold a number with no constant here (7, or the codes 9
    * privilegeWithdrawn and 10 aACompromise that RFC 3280/5280 add to the
    * RFC 2459 list). This header does not show how such a value is mapped;
    * confirm in the parser that it is not silently treated as "not revoked".
    */
35 CRL_UNSPECIFIED = 0,
36 CRL_KEY_COMPROMISE = 1,
37 CRL_CA_COMPROMISE = 2,
38 CRL_AFFILIATION_CHANGED = 3,
39 CRL_SUPERSEDED = 4,
40 CRL_CESSATION_OF_OPERATON = 5, /* sic: identifier is spelled "OPERATON"; callers must use this spelling */
41 CRL_CERTIFICATE_HOLD = 6,
42 CRL_REMOVE_FROM_CRL = 8, /* NOTE(review): in RFC 2459 this code is only meaningful in delta CRLs - confirm how consumers of the enumerator treat it */
43 };
44
45 /**
46 * enum names for crl_reason_t
47 */
48 extern enum_name_t *crl_reason_names; /* declaration only, defined elsewhere; NOTE(review): confirm what a lookup yields for a value that has no crl_reason_t constant before logging it */
49
50 /**
51 * X509 certificate revocation list (CRL) interface definition.
52 */
53 struct crl_t {
54
55 /**
56 * Implements (parts of) the certificate_t interface
   *
   * Declared as the first member of the struct.
   * NOTE(review): presumably so that a crl_t can be handled through a
   * certificate_t pointer - confirm against the implementation.
57 */
58 certificate_t certificate;
59
60 /**
61 * Get the CRL serial number.
62 *
   * The returned chunk refers to data held by the CRL object rather than
   * to a copy, so the caller should not free it and should clone it if it
   * must outlive the CRL.
   * NOTE(review): the header does not say what is returned when the CRL
   * carries no crlNumber - presumably an empty chunk; confirm before
   * comparing serials to decide which CRL is newer.
   *
63 * @return chunk pointing to internal crlNumber
64 */
65 chunk_t (*get_serial)(crl_t *this);
66
67 /**
68 * Get the authorityKeyIdentifier.
69 *
   * The returned chunk refers to data held by the CRL object; do not free
   * it. This accessor only exposes the identifier bytes: matching them
   * against an issuer's key identifier selects a candidate issuer and is
   * not a check of the CRL signature.
   * NOTE(review): the header does not say what is returned when the CRL
   * has no authorityKeyIdentifier - presumably an empty chunk; confirm,
   * and make sure an empty value is never treated as a match.
   *
70 * @return authKeyIdentifier chunk, point to internal data
71 */
72 chunk_t (*get_authKeyIdentifier)(crl_t *this);
73
74 /**
75 * Create an enumerator over all revoked certificates.
76 *
77 * The enumerator takes 3 pointer arguments:
78 * chunk_t serial, time_t revocation_date, crl_reason_t reason
   *
   * That is, each enumerate() call is handed three output pointers, in
   * this order, which receive the serial, the revocation date and the
   * reason of the current entry.
   * NOTE(review): ownership of the enumerated serial and of the
   * enumerator itself is not stated in this header - confirm against the
   * implementation. The reason value originates from the CRL and may not
   * correspond to any crl_reason_t constant.
79 *
80 * @return enumerator over revoked certificates.
81 */
82 enumerator_t* (*create_enumerator)(crl_t *this);
83
84 };
85
86 #endif /** CRL_H_ @}*/