| /* This Source Code Form is subject to the terms of the Mozilla Public |
| * License, v. 2.0. If a copy of the MPL was not distributed with this |
| * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| /* |
| * This file defines the types in the libpkix API. |
| * XXX Maybe we should specify the API version number in all API header files |
| * |
| */ |
| |
| #ifndef _PKIXT_H |
| #define _PKIXT_H |
| |
| #ifdef __cplusplus |
| extern "C" { |
| #endif |
| |
| #include "secerr.h" |
| |
| /* Types |
| * |
| * This header file provides typedefs for the abstract types used by libpkix. |
| * It also provides several useful macros. |
| * |
| * Note that all these abstract types are typedef'd as opaque structures. This |
| * is intended to discourage the caller from looking at the contents directly, |
| * since the format of the contents may change from one version of the library |
| * to the next. Instead, callers should only access these types using the |
| * functions defined in the public header files. |
| * |
| * An instance of an abstract type defined in this file is called an "object" |
| * here, although C does not have real support for objects. |
| * |
| * Because C does not typically have automatic garbage collection, the caller |
| * is expected to release the reference to any object that they create or that |
| * is returned to them by a libpkix function. The caller should do this by |
| * using the PKIX_PL_Object_DecRef function. Note that the caller should not |
| * release the reference to an object if the object has been passed to a |
| * libpkix function and that function has not returned. |
| * |
| * Please refer to libpkix Programmer's Guide for more details. |
| */ |
| |
| /* Version |
| * |
| * These macros specify the major and minor version of the libpkix API defined |
| * by this header file. |
| */ |
| |
| #define PKIX_MAJOR_VERSION ((PKIX_UInt32) 0) |
| #define PKIX_MINOR_VERSION ((PKIX_UInt32) 3) |
| |
| /* Maximum minor version |
| * |
| * This macro is used to specify that the caller wants the largest minor |
| * version available. |
| */ |
| |
| #define PKIX_MAX_MINOR_VERSION ((PKIX_UInt32) 4000000000) |
| |
| /* Define Cert Store type for database access */ |
| #define PKIX_STORE_TYPE_NONE 0 |
| #define PKIX_STORE_TYPE_PK11 1 |
| |
| /* Portable Code (PC) data types |
| * |
| * These types are used to perform the primary operations of this library: |
| * building and validating chains of X.509 certificates. |
| */ |
| |
| typedef struct PKIX_ErrorStruct PKIX_Error; |
| typedef struct PKIX_ProcessingParamsStruct PKIX_ProcessingParams; |
| typedef struct PKIX_ValidateParamsStruct PKIX_ValidateParams; |
| typedef struct PKIX_ValidateResultStruct PKIX_ValidateResult; |
| typedef struct PKIX_ResourceLimitsStruct PKIX_ResourceLimits; |
| typedef struct PKIX_BuildResultStruct PKIX_BuildResult; |
| typedef struct PKIX_CertStoreStruct PKIX_CertStore; |
| typedef struct PKIX_CertChainCheckerStruct PKIX_CertChainChecker; |
| typedef struct PKIX_RevocationCheckerStruct PKIX_RevocationChecker; |
| typedef struct PKIX_CertSelectorStruct PKIX_CertSelector; |
| typedef struct PKIX_CRLSelectorStruct PKIX_CRLSelector; |
| typedef struct PKIX_ComCertSelParamsStruct PKIX_ComCertSelParams; |
| typedef struct PKIX_ComCRLSelParamsStruct PKIX_ComCRLSelParams; |
| typedef struct PKIX_TrustAnchorStruct PKIX_TrustAnchor; |
| typedef struct PKIX_PolicyNodeStruct PKIX_PolicyNode; |
| typedef struct PKIX_LoggerStruct PKIX_Logger; |
| typedef struct PKIX_ListStruct PKIX_List; |
| typedef struct PKIX_ForwardBuilderStateStruct PKIX_ForwardBuilderState; |
| typedef struct PKIX_DefaultRevocationCheckerStruct |
| PKIX_DefaultRevocationChecker; |
| typedef struct PKIX_VerifyNodeStruct PKIX_VerifyNode; |
| |
| /* Portability Layer (PL) data types |
| * |
| * These types are used are used as portable data types that are defined |
| * consistently across platforms |
| */ |
| |
| typedef struct PKIX_PL_NssContextStruct PKIX_PL_NssContext; |
| typedef struct PKIX_PL_ObjectStruct PKIX_PL_Object; |
| typedef struct PKIX_PL_ByteArrayStruct PKIX_PL_ByteArray; |
| typedef struct PKIX_PL_HashTableStruct PKIX_PL_HashTable; |
| typedef struct PKIX_PL_MutexStruct PKIX_PL_Mutex; |
| typedef struct PKIX_PL_RWLockStruct PKIX_PL_RWLock; |
| typedef struct PKIX_PL_MonitorLockStruct PKIX_PL_MonitorLock; |
| typedef struct PKIX_PL_BigIntStruct PKIX_PL_BigInt; |
| typedef struct PKIX_PL_StringStruct PKIX_PL_String; |
| typedef struct PKIX_PL_OIDStruct PKIX_PL_OID; |
| typedef struct PKIX_PL_CertStruct PKIX_PL_Cert; |
| typedef struct PKIX_PL_GeneralNameStruct PKIX_PL_GeneralName; |
| typedef struct PKIX_PL_X500NameStruct PKIX_PL_X500Name; |
| typedef struct PKIX_PL_PublicKeyStruct PKIX_PL_PublicKey; |
| typedef struct PKIX_PL_DateStruct PKIX_PL_Date; |
| typedef struct PKIX_PL_CertNameConstraintsStruct PKIX_PL_CertNameConstraints; |
| typedef struct PKIX_PL_CertBasicConstraintsStruct PKIX_PL_CertBasicConstraints; |
| typedef struct PKIX_PL_CertPoliciesStruct PKIX_PL_CertPolicies; |
| typedef struct PKIX_PL_CertPolicyInfoStruct PKIX_PL_CertPolicyInfo; |
| typedef struct PKIX_PL_CertPolicyQualifierStruct PKIX_PL_CertPolicyQualifier; |
| typedef struct PKIX_PL_CertPolicyMapStruct PKIX_PL_CertPolicyMap; |
| typedef struct PKIX_PL_CRLStruct PKIX_PL_CRL; |
| typedef struct PKIX_PL_CRLEntryStruct PKIX_PL_CRLEntry; |
| typedef struct PKIX_PL_CollectionCertStoreStruct PKIX_PL_CollectionCertStore; |
| typedef struct PKIX_PL_CollectionCertStoreContext |
| PKIX_PL_CollectionCertStoreContext; |
| typedef struct PKIX_PL_LdapCertStoreContext PKIX_PL_LdapCertStoreContext; |
| typedef struct PKIX_PL_LdapRequestStruct PKIX_PL_LdapRequest; |
| typedef struct PKIX_PL_LdapResponseStruct PKIX_PL_LdapResponse; |
| typedef struct PKIX_PL_LdapDefaultClientStruct PKIX_PL_LdapDefaultClient; |
| typedef struct PKIX_PL_SocketStruct PKIX_PL_Socket; |
| typedef struct PKIX_PL_InfoAccessStruct PKIX_PL_InfoAccess; |
| typedef struct PKIX_PL_AIAMgrStruct PKIX_PL_AIAMgr; |
| typedef struct PKIX_PL_OcspCertIDStruct PKIX_PL_OcspCertID; |
| typedef struct PKIX_PL_OcspRequestStruct PKIX_PL_OcspRequest; |
| typedef struct PKIX_PL_OcspResponseStruct PKIX_PL_OcspResponse; |
| typedef struct PKIX_PL_HttpClientStruct PKIX_PL_HttpClient; |
| typedef struct PKIX_PL_HttpDefaultClientStruct PKIX_PL_HttpDefaultClient; |
| typedef struct PKIX_PL_HttpCertStoreContextStruct PKIX_PL_HttpCertStoreContext; |
| |
| /* Primitive types |
| * |
| * In order to guarantee desired behavior as well as platform-independence, we |
| * typedef these types depending on the platform. XXX This needs more work! |
| */ |
| |
| /* XXX Try compiling these files (and maybe the whole libpkix-nss) on Win32. |
| * We don't know what type is at least 32 bits long. ISO C probably requires |
| * at least 32 bits for long. we could default to that and only list platforms |
| * where that's not true. |
| * |
| * #elif |
| * #error |
| * #endif |
| */ |
| |
| /* currently, int is 32 bits on all our supported platforms */ |
| |
| typedef unsigned int PKIX_UInt32; |
| typedef int PKIX_Int32; |
| |
| typedef int PKIX_Boolean; |
| |
| /* Object Types |
| * |
| * Every reference-counted PKIX_PL_Object is associated with an integer type. |
| */ |
| #define PKIX_TYPES \ |
| TYPEMACRO(AIAMGR), \ |
| TYPEMACRO(BASICCONSTRAINTSCHECKERSTATE), \ |
| TYPEMACRO(BIGINT), \ |
| TYPEMACRO(BUILDRESULT), \ |
| TYPEMACRO(BYTEARRAY), \ |
| TYPEMACRO(CERT), \ |
| TYPEMACRO(CERTBASICCONSTRAINTS), \ |
| TYPEMACRO(CERTCHAINCHECKER), \ |
| TYPEMACRO(CERTNAMECONSTRAINTS), \ |
| TYPEMACRO(CERTNAMECONSTRAINTSCHECKERSTATE), \ |
| TYPEMACRO(CERTPOLICYCHECKERSTATE), \ |
| TYPEMACRO(CERTPOLICYINFO), \ |
| TYPEMACRO(CERTPOLICYMAP), \ |
| TYPEMACRO(CERTPOLICYNODE), \ |
| TYPEMACRO(CERTPOLICYQUALIFIER), \ |
| TYPEMACRO(CERTSELECTOR), \ |
| TYPEMACRO(CERTSTORE), \ |
| TYPEMACRO(COLLECTIONCERTSTORECONTEXT), \ |
| TYPEMACRO(COMCERTSELPARAMS), \ |
| TYPEMACRO(COMCRLSELPARAMS), \ |
| TYPEMACRO(CRL), \ |
| TYPEMACRO(CRLDP), \ |
| TYPEMACRO(CRLENTRY), \ |
| TYPEMACRO(CRLSELECTOR), \ |
| TYPEMACRO(DATE), \ |
| TYPEMACRO(CRLCHECKER), \ |
| TYPEMACRO(EKUCHECKER), \ |
| TYPEMACRO(ERROR), \ |
| TYPEMACRO(FORWARDBUILDERSTATE), \ |
| TYPEMACRO(GENERALNAME), \ |
| TYPEMACRO(HASHTABLE), \ |
| TYPEMACRO(HTTPCERTSTORECONTEXT), \ |
| TYPEMACRO(HTTPDEFAULTCLIENT), \ |
| TYPEMACRO(INFOACCESS), \ |
| TYPEMACRO(LDAPDEFAULTCLIENT), \ |
| TYPEMACRO(LDAPREQUEST), \ |
| TYPEMACRO(LDAPRESPONSE), \ |
| TYPEMACRO(LIST), \ |
| TYPEMACRO(LOGGER), \ |
| TYPEMACRO(MONITORLOCK), \ |
| TYPEMACRO(MUTEX), \ |
| TYPEMACRO(OBJECT), \ |
| TYPEMACRO(OCSPCERTID), \ |
| TYPEMACRO(OCSPCHECKER), \ |
| TYPEMACRO(OCSPREQUEST), \ |
| TYPEMACRO(OCSPRESPONSE), \ |
| TYPEMACRO(OID), \ |
| TYPEMACRO(REVOCATIONCHECKER), \ |
| TYPEMACRO(PROCESSINGPARAMS), \ |
| TYPEMACRO(PUBLICKEY), \ |
| TYPEMACRO(RESOURCELIMITS), \ |
| TYPEMACRO(RWLOCK), \ |
| TYPEMACRO(SIGNATURECHECKERSTATE), \ |
| TYPEMACRO(SOCKET), \ |
| TYPEMACRO(STRING), \ |
| TYPEMACRO(TARGETCERTCHECKERSTATE), \ |
| TYPEMACRO(TRUSTANCHOR), \ |
| TYPEMACRO(VALIDATEPARAMS), \ |
| TYPEMACRO(VALIDATERESULT), \ |
| TYPEMACRO(VERIFYNODE), \ |
| TYPEMACRO(X500NAME) |
| |
| #define TYPEMACRO(type) PKIX_ ## type ## _TYPE |
| |
| typedef enum { /* Now invoke all those TYPEMACROs to assign the numbers */ |
| PKIX_TYPES, |
| PKIX_NUMTYPES /* This gets PKIX_NUMTYPES defined as the total number */ |
| } PKIX_TYPENUM; |
| |
| |
| #ifdef PKIX_USER_OBJECT_TYPE |
| |
| /* User Define Object Types |
| * |
| * User may define their own object types offset from PKIX_USER_OBJECT_TYPE |
| */ |
| #define PKIX_USER_OBJECT_TYPEBASE 1000 |
| |
| #endif /* PKIX_USER_OBJECT_TYPE */ |
| |
| /* Error Codes |
| * |
| * This list is used to define a set of PKIX_Error exception class numbers. |
| * ERRMACRO is redefined to produce a corresponding set of |
| * strings in the table "const char *PKIX_ERRORCLASSNAMES[PKIX_NUMERRORCLASSES]" in |
| * pkix_error.c. For example, since the fifth ERRMACRO entry is MUTEX, then |
| * PKIX_MUTEX_ERROR is defined in pkixt.h as 4, and PKIX_ERRORCLASSNAMES[4] is |
| * initialized in pkix_error.c with the value "MUTEX". |
| */ |
| #define PKIX_ERRORCLASSES \ |
| ERRMACRO(AIAMGR), \ |
| ERRMACRO(BASICCONSTRAINTSCHECKERSTATE), \ |
| ERRMACRO(BIGINT), \ |
| ERRMACRO(BUILD), \ |
| ERRMACRO(BUILDRESULT), \ |
| ERRMACRO(BYTEARRAY), \ |
| ERRMACRO(CERT), \ |
| ERRMACRO(CERTBASICCONSTRAINTS), \ |
| ERRMACRO(CERTCHAINCHECKER), \ |
| ERRMACRO(CERTNAMECONSTRAINTS), \ |
| ERRMACRO(CERTNAMECONSTRAINTSCHECKERSTATE), \ |
| ERRMACRO(CERTPOLICYCHECKERSTATE), \ |
| ERRMACRO(CERTPOLICYINFO), \ |
| ERRMACRO(CERTPOLICYMAP), \ |
| ERRMACRO(CERTPOLICYNODE), \ |
| ERRMACRO(CERTPOLICYQUALIFIER), \ |
| ERRMACRO(CERTSELECTOR), \ |
| ERRMACRO(CERTSTORE), \ |
| ERRMACRO(CERTVFYPKIX), \ |
| ERRMACRO(COLLECTIONCERTSTORECONTEXT), \ |
| ERRMACRO(COMCERTSELPARAMS), \ |
| ERRMACRO(COMCRLSELPARAMS), \ |
| ERRMACRO(CONTEXT), \ |
| ERRMACRO(CRL), \ |
| ERRMACRO(CRLDP), \ |
| ERRMACRO(CRLENTRY), \ |
| ERRMACRO(CRLSELECTOR), \ |
| ERRMACRO(CRLCHECKER), \ |
| ERRMACRO(DATE), \ |
| ERRMACRO(EKUCHECKER), \ |
| ERRMACRO(ERROR), \ |
| ERRMACRO(FATAL), \ |
| ERRMACRO(FORWARDBUILDERSTATE), \ |
| ERRMACRO(GENERALNAME), \ |
| ERRMACRO(HASHTABLE), \ |
| ERRMACRO(HTTPCERTSTORECONTEXT), \ |
| ERRMACRO(HTTPDEFAULTCLIENT), \ |
| ERRMACRO(INFOACCESS), \ |
| ERRMACRO(LDAPCLIENT), \ |
| ERRMACRO(LDAPDEFAULTCLIENT), \ |
| ERRMACRO(LDAPREQUEST), \ |
| ERRMACRO(LDAPRESPONSE), \ |
| ERRMACRO(LIFECYCLE), \ |
| ERRMACRO(LIST), \ |
| ERRMACRO(LOGGER), \ |
| ERRMACRO(MEM), \ |
| ERRMACRO(MONITORLOCK), \ |
| ERRMACRO(MUTEX), \ |
| ERRMACRO(OBJECT), \ |
| ERRMACRO(OCSPCERTID), \ |
| ERRMACRO(OCSPCHECKER), \ |
| ERRMACRO(OCSPREQUEST), \ |
| ERRMACRO(OCSPRESPONSE), \ |
| ERRMACRO(OID), \ |
| ERRMACRO(PROCESSINGPARAMS), \ |
| ERRMACRO(PUBLICKEY), \ |
| ERRMACRO(RESOURCELIMITS), \ |
| ERRMACRO(REVOCATIONMETHOD), \ |
| ERRMACRO(REVOCATIONCHECKER), \ |
| ERRMACRO(RWLOCK), \ |
| ERRMACRO(SIGNATURECHECKERSTATE), \ |
| ERRMACRO(SOCKET), \ |
| ERRMACRO(STRING), \ |
| ERRMACRO(TARGETCERTCHECKERSTATE), \ |
| ERRMACRO(TRUSTANCHOR), \ |
| ERRMACRO(USERDEFINEDMODULES), \ |
| ERRMACRO(VALIDATE), \ |
| ERRMACRO(VALIDATEPARAMS), \ |
| ERRMACRO(VALIDATERESULT), \ |
| ERRMACRO(VERIFYNODE), \ |
| ERRMACRO(X500NAME) |
| |
| #define ERRMACRO(type) PKIX_ ## type ## _ERROR |
| |
| typedef enum { /* Now invoke all those ERRMACROs to assign the numbers */ |
| PKIX_ERRORCLASSES, |
| PKIX_NUMERRORCLASSES /* This gets PKIX_NUMERRORCLASSES defined as the total number */ |
| } PKIX_ERRORCLASS; |
| |
| /* Now define error strings (for internationalization) */ |
| |
| #define PKIX_ERRORENTRY(name,desc,plerr) PKIX_ ## name |
| |
| /* Define all the error numbers */ |
| typedef enum { |
| #include "pkix_errorstrings.h" |
| , PKIX_NUMERRORCODES |
| } PKIX_ERRORCODE; |
| |
| extern const char * const PKIX_ErrorText[]; |
| |
| /* String Formats |
| * |
| * These formats specify supported encoding formats for Strings. |
| */ |
| |
| #define PKIX_ESCASCII 0 |
| #define PKIX_UTF8 1 |
| #define PKIX_UTF16 2 |
| #define PKIX_UTF8_NULL_TERM 3 |
| #define PKIX_ESCASCII_DEBUG 4 |
| |
| /* Name Types |
| * |
| * These types specify supported formats for GeneralNames. |
| */ |
| |
| #define PKIX_OTHER_NAME 1 |
| #define PKIX_RFC822_NAME 2 |
| #define PKIX_DNS_NAME 3 |
| #define PKIX_X400_ADDRESS 4 |
| #define PKIX_DIRECTORY_NAME 5 |
| #define PKIX_EDIPARTY_NAME 6 |
| #define PKIX_URI_NAME 7 |
| #define PKIX_IP_NAME 8 |
| #define PKIX_OID_NAME 9 |
| |
| /* Key Usages |
| * |
| * These types specify supported Key Usages |
| */ |
| |
| #define PKIX_DIGITAL_SIGNATURE 0x001 |
| #define PKIX_NON_REPUDIATION 0x002 |
| #define PKIX_KEY_ENCIPHERMENT 0x004 |
| #define PKIX_DATA_ENCIPHERMENT 0x008 |
| #define PKIX_KEY_AGREEMENT 0x010 |
| #define PKIX_KEY_CERT_SIGN 0x020 |
| #define PKIX_CRL_SIGN 0x040 |
| #define PKIX_ENCIPHER_ONLY 0x080 |
| #define PKIX_DECIPHER_ONLY 0x100 |
| |
| /* Reason Flags |
| * |
| * These macros specify supported Reason Flags |
| */ |
| |
| #define PKIX_UNUSED 0x001 |
| #define PKIX_KEY_COMPROMISE 0x002 |
| #define PKIX_CA_COMPROMISE 0x004 |
| #define PKIX_AFFILIATION_CHANGED 0x008 |
| #define PKIX_SUPERSEDED 0x010 |
| #define PKIX_CESSATION_OF_OPERATION 0x020 |
| #define PKIX_CERTIFICATE_HOLD 0x040 |
| #define PKIX_PRIVILEGE_WITHDRAWN 0x080 |
| #define PKIX_AA_COMPROMISE 0x100 |
| |
| /* Boolean values |
| * |
| * These macros specify the Boolean values of TRUE and FALSE |
| * XXX Is it the case that any non-zero value is actually considered TRUE |
| * and this is just a convenient mnemonic macro? |
| */ |
| |
| #define PKIX_TRUE ((PKIX_Boolean) 1) |
| #define PKIX_FALSE ((PKIX_Boolean) 0) |
| |
| /* |
| * Define constants for basic constraints selector |
| * (see comments in pkix_certsel.h) |
| */ |
| |
| #define PKIX_CERTSEL_ENDENTITY_MIN_PATHLENGTH (-2) |
| #define PKIX_CERTSEL_ALL_MATCH_MIN_PATHLENGTH (-1) |
| |
| /* |
| * PKIX_ALLOC_ERROR is a special error object hard-coded into the pkix_error.o |
| * object file. It is thrown if system memory cannot be allocated or may be |
| * thrown for other unrecoverable errors. PKIX_ALLOC_ERROR is immutable. |
| * IncRef, DecRef and all Settor functions cannot be called. |
| * XXX Does anyone actually need to know about this? |
| * XXX Why no DecRef? Would be good to handle it the same. |
| */ |
| |
| PKIX_Error* PKIX_ALLOC_ERROR(void); |
| |
| /* |
| * In a CertBasicConstraints extension, if the CA flag is set, |
| * indicating the certificate refers to a Certification |
| * Authority, then the pathLen field indicates how many intermediate |
| * certificates (not counting self-signed ones) can exist in a valid |
| * chain following this certificate. If the pathLen has the value |
| * of this constant, then the length of the chain is unlimited |
| */ |
| #define PKIX_UNLIMITED_PATH_CONSTRAINT ((PKIX_Int32) -1) |
| |
| /* |
| * Define Certificate Extension hard-coded OID's |
| */ |
| #define PKIX_UNKNOWN_OID SEC_OID_UNKNOWN |
| #define PKIX_CERTKEYUSAGE_OID SEC_OID_X509_KEY_USAGE |
| #define PKIX_CERTSUBJALTNAME_OID SEC_OID_X509_SUBJECT_ALT_NAME |
| #define PKIX_BASICCONSTRAINTS_OID SEC_OID_X509_BASIC_CONSTRAINTS |
| #define PKIX_CRLREASONCODE_OID SEC_OID_X509_REASON_CODE |
| #define PKIX_NAMECONSTRAINTS_OID SEC_OID_X509_NAME_CONSTRAINTS |
| #define PKIX_CERTIFICATEPOLICIES_OID SEC_OID_X509_CERTIFICATE_POLICIES |
| #define PKIX_CERTIFICATEPOLICIES_ANYPOLICY_OID SEC_OID_X509_ANY_POLICY |
| #define PKIX_POLICYMAPPINGS_OID SEC_OID_X509_POLICY_MAPPINGS |
| #define PKIX_POLICYCONSTRAINTS_OID SEC_OID_X509_POLICY_CONSTRAINTS |
| #define PKIX_EXTENDEDKEYUSAGE_OID SEC_OID_X509_EXT_KEY_USAGE |
| #define PKIX_INHIBITANYPOLICY_OID SEC_OID_X509_INHIBIT_ANY_POLICY |
| #define PKIX_NSCERTTYPE_OID SEC_OID_NS_CERT_EXT_CERT_TYPE |
| #define PKIX_KEY_USAGE_SERVER_AUTH_OID SEC_OID_EXT_KEY_USAGE_SERVER_AUTH |
| #define PKIX_KEY_USAGE_CLIENT_AUTH_OID SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH |
| #define PKIX_KEY_USAGE_CODE_SIGN_OID SEC_OID_EXT_KEY_USAGE_CODE_SIGN |
| #define PKIX_KEY_USAGE_EMAIL_PROTECT_OID SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT |
| #define PKIX_KEY_USAGE_TIME_STAMP_OID SEC_OID_EXT_KEY_USAGE_TIME_STAMP |
| #define PKIX_KEY_USAGE_OCSP_RESPONDER_OID SEC_OID_OCSP_RESPONDER |
| |
| |
| /* Available revocation method types. */ |
| typedef enum PKIX_RevocationMethodTypeEnum { |
| PKIX_RevocationMethod_CRL = 0, |
| PKIX_RevocationMethod_OCSP, |
| PKIX_RevocationMethod_MAX |
| } PKIX_RevocationMethodType; |
| |
| /* A set of statuses revocation checker operates on */ |
| typedef enum PKIX_RevocationStatusEnum { |
| PKIX_RevStatus_NoInfo = 0, |
| PKIX_RevStatus_Revoked, |
| PKIX_RevStatus_Success |
| } PKIX_RevocationStatus; |
| |
| |
| #ifdef __cplusplus |
| } |
| #endif |
| |
| #endif /* _PKIXT_H */ |