416f712f34d6aa697c2ba8b77ac74e5c18c8ba94
[strongswan.git] / src / libstrongswan / credentials / certificates / ocsp_response.h
1 /*
2 * Copyright (C) 2008 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 *
15 * $Id$
16 */
17
18 /**
19 * @defgroup ocsp_response ocsp_response
20 * @{ @ingroup certificates
21 */
22
23 #ifndef OCSP_RESPONSE_H_
24 #define OCSP_RESPONSE_H_
25
26 #include <credentials/certificates/x509.h>
27 #include <credentials/certificates/crl.h>
28
29 typedef struct ocsp_response_t ocsp_response_t;
30 typedef enum ocsp_status_t ocsp_status_t;
31
32 /**
33 * OCSP response status
34 */
35 enum ocsp_status_t {
36 OCSP_SUCCESSFUL = 0,
37 OCSP_MALFORMEDREQUEST = 1,
38 OCSP_INTERNALERROR = 2,
39 OCSP_TRYLATER = 3,
40 OCSP_SIGREQUIRED = 5,
41 OCSP_UNAUTHORIZED = 6,
42 };
43
44 /**
45 * enum names for ocsp_status_t
46 */
47 extern enum_name_t *ocsp_status_names;
48
49 /**
50 * OCSP response message.
51 */
52 struct ocsp_response_t {
53
54 /**
55 * Implements certificiate_t interface
56 */
57 certificate_t certificate;
58
59 /**
60 * Check the status of a certificate by this OCSP response.
61 *
62 * @param subject certificate to check status
63 * @param issuer issuer certificate of subject
64 * @param revocation_time receives time of revocation, if revoked
65 * @param revocation_reason receives reason of revocation, if revoked
66 * @param this_update creation time of revocation list
67 * @param next_update exptected time of next revocation list
68 * @return certificate revocation status
69 */
70 cert_validation_t (*get_status)(ocsp_response_t *this,
71 x509_t *subject, x509_t *issuer,
72 time_t *revocation_time,
73 crl_reason_t *revocation_reason,
74 time_t *this_update, time_t *next_update);
75
76 /**
77 * Create an enumerator over the contained certificates.
78 *
79 * @return enumerator over certificate_t*
80 */
81 enumerator_t* (*create_cert_enumerator)(ocsp_response_t *this);
82 };
83
84 #endif /* OCSP_RESPONSE_H_ @}*/