support of PKCS#10 certificate request parsing
[strongswan.git] / src / libstrongswan / credentials / certificates / req.h
1 /*
2 * Copyright (C) 2007-2008 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup x509 x509
18 * @{ @ingroup certificates
19 */
20
21 #ifndef X509_H_
22 #define X509_H_
23
24 #include <utils/enumerator.h>
25 #include <credentials/certificates/certificate.h>
26
27 typedef struct x509_t x509_t;
28 typedef enum x509_flag_t x509_flag_t;
29
30 /**
31 * X.509 certificate flags.
32 */
33 enum x509_flag_t {
34 /** cert has CA constraint */
35 X509_CA = (1<<0),
36 /** cert has AA constraint */
37 X509_AA = (1<<1),
38 /** cert has OCSP signer constraint */
39 X509_OCSP_SIGNER = (1<<2),
40 /** cert is self-signed */
41 X509_SELF_SIGNED = (1<<3),
42 };
43
44 /**
45 * enum names for x509 flags
46 */
47 extern enum_name_t *x509_flag_names;
48
49 /**
50 * X.509 certificate interface.
51 *
52 * This interface adds additional methods to the certificate_t type to
53 * allow further operations on these certificates.
54 */
55 struct x509_t {
56
57 /**
58 * Implements certificate_t.
59 */
60 certificate_t interface;
61
62 /**
63 * Get the flags set for this certificate.
64 *
65 * @return set of flags
66 */
67 x509_flag_t (*get_flags)(x509_t *this);
68
69 /**
70 * Get the certificate serial number.
71 *
72 * @return chunk pointing to internal serial number
73 */
74 chunk_t (*get_serial)(x509_t *this);
75
76 /**
77 * Get the the authorityKeyIdentifier.
78 *
79 * @return authKeyIdentifier as chunk_t, internal data
80 */
81 chunk_t (*get_authKeyIdentifier)(x509_t *this);
82
83 /**
84 * Create an enumerator over all subjectAltNames.
85 *
86 * @return enumerator over subjectAltNames as identification_t*
87 */
88 enumerator_t* (*create_subjectAltName_enumerator)(x509_t *this);
89
90 /**
91 * Create an enumerator over all CRL URIs.
92 *
93 * @return enumerator over URIs as char*
94 */
95 enumerator_t* (*create_crl_uri_enumerator)(x509_t *this);
96
97 /**
98 * Create an enumerator over all OCSP URIs.
99 *
100 * @return enumerator over URIs as char*
101 */
102 enumerator_t* (*create_ocsp_uri_enumerator)(x509_t *this);
103 };
104
105 #endif /** X509_H_ @}*/