results from the single responses are stored in the corresponding certinfo_t structs
[strongswan.git] / src / libstrongswan / crypto / certinfo.c
index a289d65..8c899e6 100644 (file)
@@ -22,8 +22,7 @@
 
 #include <time.h>
 
-#include <types.h>
-#include <definitions.h>
+#include <library.h>
 
 #include "certinfo.h"
 
@@ -49,6 +48,11 @@ struct private_certinfo_t {
        cert_status_t status;
 
        /**
+        * Certificate status is for one-time use only
+        */
+       bool once;
+
+       /**
         * Time when the certificate status info was generated
         */
        time_t thisUpdate;
@@ -69,24 +73,15 @@ struct private_certinfo_t {
     crl_reason_t revocationReason;
 };
 
-/**
- * RFC 2560 OCSP - certificate status
- */
-static const char *const cert_status_name[] = {
+ENUM(cert_status_names, CERT_GOOD, CERT_UNTRUSTED,
        "good",
        "revoked",
        "unknown",
        "unknown",
-       "untrusted"
-    };
-
-enum_names cert_status_names =
-    { CERT_GOOD, CERT_UNTRUSTED, cert_status_name, NULL};
+       "untrusted",
+);
 
-/**
- * RFC 2459 CRL reason codes
- */
-static const char *const crl_reason_name[] = {
+ENUM(crl_reason_names, REASON_UNSPECIFIED, REASON_REMOVE_FROM_CRL,
        "unspecified",
        "key compromise",
        "ca compromise",
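Review bot: The third and fourth entries of `cert_status_names` are both `"unknown"`, so two distinct `cert_status_t` values cannot be told apart once they reach a log line or status output. The table is carried over unchanged from the old array, but this conversion is a good place to give the fourth entry its own label, for example `"undefined"` if it corresponds to `CERT_UNDEFINED` (the enum order lives in certinfo.h, which is not visible here). The commit also drops the `RFC 2560 OCSP - certificate status` and `RFC 2459 CRL reason codes` comments; I would keep each as a one-line comment above its `ENUM(...)` so the string order stays traceable to the specifications. The `crl_reason_names` list continues in the next hunk.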
@@ -95,11 +90,16 @@ static const char *const crl_reason_name[] = {
        "cessation of operation",
        "certificate hold",
        "reason #7",
-       "remove from crl"
-    };
+       "remove from crl",
+);
 
-enum_names crl_reason_names =
-    { REASON_UNSPECIFIED, REASON_REMOVE_FROM_CRL, crl_reason_name, NULL};
+/**
+ * Implements certinfo_t.equals_serialNumber
+ */
+static bool equals_serialNumber(const private_certinfo_t *this, const private_certinfo_t *that)
+{
+       return chunk_equals(this->serialNumber, that->serialNumber);
+}
 
 /**
  * Implements certinfo_t.get_serialNumber
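Review bot: `equals_serialNumber` compares only the serial number, which identifies a certificate only within a single issuer. Nothing in this hunk restricts the comparison to certinfo objects from the same CA, so the doc comment should state that precondition, e.g. `Serial numbers are unique per issuer only; callers must compare entries belonging to the same CA.` Otherwise a status recorded for one CA's certificate could be matched to a certificate from another CA that happens to carry the same serial. Whether the callers already scope the lookup per issuer is not visible here.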
@@ -126,6 +126,22 @@ static cert_status_t get_status(const private_certinfo_t *this)
 }
 
 /**
+ * Implements certinfo_t.set_thisUpdate
+ */
+static void set_thisUpdate(private_certinfo_t *this, time_t thisUpdate)
+{
+       this->thisUpdate = thisUpdate;
+}
+
+/**
+ * Implements certinfo_t.get_thisUpdate
+ */
+static time_t get_thisUpdate(const private_certinfo_t *this)
+{
+       return this->thisUpdate;
+}
+
+/**
  * Implements certinfo_t.set_nextUpdate
  */
 static void set_nextUpdate(private_certinfo_t *this, time_t nextUpdate)
@@ -168,9 +184,9 @@ static void set_revocationReason(private_certinfo_t *this, crl_reason_t reason)
 /**
  * Implements certinfo_t.get_revocationReason
  */
-static const char *get_revocationReason(const private_certinfo_t *this)
+static crl_reason_t get_revocationReason(const private_certinfo_t *this)
 {
-       return enum_name(&crl_reason_names, this->revocationReason);
+       return this->revocationReason;
 }
 
 /**
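Review bot: Changing `get_revocationReason` from `const char *` to `crl_reason_t` is not checked by the compiler against certinfo.h, because `certinfo_create` assigns it through an explicit function-pointer cast (last hunk). If the header or any caller still treats the result as a string, for instance by passing it to a `%s` format, the result is undefined behaviour instead of a build error. It is worth confirming that every caller now formats the value through `crl_reason_names`. The doc comment could also describe the new return value: `@return revocation reason code, REASON_UNSPECIFIED if not set`.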
@@ -192,20 +208,24 @@ certinfo_t *certinfo_create(chunk_t serial)
        /* initialize */
        this->serialNumber = chunk_clone(serial);
        this->status = CERT_UNDEFINED;
+       this->thisUpdate = UNDEFINED_TIME;
        this->nextUpdate = UNDEFINED_TIME;
        this->revocationTime = UNDEFINED_TIME;
        this->revocationReason = REASON_UNSPECIFIED;
 
        /* public functions */
+       this->public.equals_serialNumber = (bool (*) (const certinfo_t*,const certinfo_t*))equals_serialNumber;
        this->public.get_serialNumber = (chunk_t (*) (const certinfo_t*))get_serialNumber;
        this->public.set_status = (void (*) (certinfo_t*,cert_status_t))set_status;
        this->public.get_status = (cert_status_t (*) (const certinfo_t*))get_status;
+       this->public.set_thisUpdate = (void (*) (certinfo_t*,time_t))set_thisUpdate;
+       this->public.get_thisUpdate = (time_t (*) (const certinfo_t*))get_thisUpdate;
        this->public.set_nextUpdate = (void (*) (certinfo_t*,time_t))set_nextUpdate;
        this->public.get_nextUpdate = (time_t (*) (const certinfo_t*))get_nextUpdate;
        this->public.set_revocationTime = (void (*) (certinfo_t*,time_t))set_revocationTime;
        this->public.get_revocationTime = (time_t (*) (const certinfo_t*))get_revocationTime;
        this->public.set_revocationReason = (void (*) (certinfo_t*, crl_reason_t))set_revocationReason;
-       this->public.get_revocationReason = (const char *(*) (const certinfo_t*))get_revocationReason;
+       this->public.get_revocationReason = (crl_reason_t(*) (const certinfo_t*))get_revocationReason;
        this->public.destroy = (void (*) (certinfo_t*))destroy;
 
        return &this->public;
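Review bot: The new `once` member added to `private_certinfo_t` is not initialized here, while every other field, including the new `thisUpdate`, is. The allocation is above the hunk; if it does not zero the object, `once` holds an indeterminate value, and any code that uses it to decide whether a status may be reused would behave unpredictably. I would add `this->once = FALSE;` next to the other defaults. No setter or getter for `once` appears in this diff either, so it is unclear how the flag is meant to be set.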