src/libstrongswan/crypto/certinfo.h

   1 /**
   2  * @file certinfo.h
   3  *
   4  * @brief Interface of certinfo_t.
   5  *
   6  */
   7
   8 /*
   9  * Copyright (C) 2006 Andreas Steffen
  10  * Hochschule fuer Technik Rapperswil
  11  *
  12  * This program is free software; you can redistribute it and/or modify it
  13  * under the terms of the GNU General Public License as published by the
  14  * Free Software Foundation; either version 2 of the License, or (at your
  15  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  16  *
  17  * This program is distributed in the hope that it will be useful, but
  18  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  19  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  20  * for more details.
  21  */
  22
  23 #ifndef CERTINFO_H_
  24 #define CERTINFO_H_
  25
  26 typedef enum cert_status_t cert_status_t;
  27 typedef enum crl_reason_t crl_reason_t;
  28 typedef struct certinfo_t certinfo_t;
  29
  30 #include <library.h>
  31
  32 /**
  33  * RFC 2560 OCSP - certificate status
  34  */
  35 enum cert_status_t {
  36         CERT_GOOD =             0,
  37         CERT_REVOKED =          1,
  38         CERT_UNKNOWN =          2,
  39         CERT_UNDEFINED =        3,
  40         CERT_UNTRUSTED =        4  /* private use */
  41 };
  42
  43 extern enum_name_t *cert_status_names;
  44
  45 /**
  46  * RFC 2459 CRL reason codes
  47  */
  48 enum crl_reason_t {
  49     REASON_UNSPECIFIED =                        0,
  50     REASON_KEY_COMPROMISE =             1,
  51     REASON_CA_COMPROMISE =                      2,
  52     REASON_AFFILIATION_CHANGED =        3,
  53     REASON_SUPERSEDED =                         4,
  54     REASON_CESSATION_OF_OPERATON =      5,
  55     REASON_CERTIFICATE_HOLD =           6,
  56     REASON_REMOVE_FROM_CRL =            8
  57 };
  58
  59 extern enum_name_t *crl_reason_names;
  60
  61 /**
  62  * @brief X.509 certificate status information
  63  *
  64  * @ingroup transforms
  65  */
  66 struct certinfo_t {
  67
  68         /**
  69          * @brief Check if both certinfo objects have the same serialNumber.
  70          *
  71          * @param this                          calling object
  72          * @param that                          second certinfo_t object
  73          * @return                                      TRUE if the same serialNumber
  74          */
  75         bool (*equals_serialNumber) (const certinfo_t *this, const certinfo_t *that);
  76
  77
  78         /**
  79          * @brief Get serial number.
  80          *
  81          * @param this                          calling object
  82          * @return                                      serialNumber
  83          */
  84         chunk_t (*get_serialNumber) (const certinfo_t *this);
  85
  86         /**
  87          * @brief Set certificate status.
  88          *
  89          * @param this                          calling object
  90          * @param status                        status
  91          */
  92         void (*set_status) (certinfo_t *this, cert_status_t status);
  93
  94         /**
  95          * @brief Get certificate status.
  96          *
  97          * @param this                          calling object
  98          * @return                                      status
  99          */
 100         cert_status_t (*get_status) (const certinfo_t *this);
 101
 102         /**
 103          * @brief Set nextUpdate.
 104          *
 105          * @param this                          calling object
 106          * @return                                      nextUpdate
 107          */
 108         void (*set_nextUpdate) (certinfo_t *this, time_t nextUpdate);
 109
 110         /**
 111          * @brief Get nextUpdate.
 112          *
 113          * @param this                          calling object
 114          * @return                                      nextUpdate
 115          */
 116         time_t (*get_nextUpdate) (const certinfo_t *this);
 117
 118         /**
 119          * @brief Set revocationTime.
 120          *
 121          * @param this                          calling object
 122          * @param revocationTime        revocationTime
 123          */
 124         void (*set_revocationTime) (certinfo_t *this, time_t revocationTime);
 125
 126         /**
 127          * @brief Get revocationTime.
 128          *
 129          * @param this                          calling object
 130          * @return                                      revocationTime
 131          */
 132         time_t (*get_revocationTime) (const certinfo_t *this);
 133
 134         /**
 135          * @brief Set revocationReason.
 136          *
 137          * @param this                          calling object
 138          * @param reason                        revocationReason
 139          */
 140         void (*set_revocationReason) (certinfo_t *this, crl_reason_t reason);
 141
 142         /**
 143          * @brief Get revocationReason.
 144          *
 145          * @param this                          calling object
 146          * @return                                      revocationReason
 147          */
 148         crl_reason_t (*get_revocationReason) (const certinfo_t *this);
 149
 150         /**
 151          * @brief Destroys the certinfo_t object.
 152          *
 153          * @param this                  crl to destroy
 154          */
 155         void (*destroy) (certinfo_t *this);
 156
 157 };
 158
 159 /**
 160  * @brief Create a certinfo_t object.
 161  *
 162  * @param serial        chunk serial number of the certificate
 163  * @return                      created certinfo_t object
 164  *
 165  * @ingroup transforms
 166  */
 167 certinfo_t *certinfo_create(chunk_t serial);
 168
 169 #endif /* CERTINFO_H_ */