xref: /freebsd/crypto/heimdal/doc/doxyout/hx509/html/group__hx509__revoke.html (revision 0d66206fff44f864ea8a4b220c3a53b4caa959a0)
1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
3<title>Heimdalx509library: hx509 revocation checking functions</title>
4<link href="doxygen.css" rel="stylesheet" type="text/css">
5<link href="tabs.css" rel="stylesheet" type="text/css">
6</head><body>
7<p>
8<a href="http://www.h5l.org/"><img src="http://www.h5l.org/keyhole-heimdal.png" alt="keyhole logo"/></a>
9</p>
10<!-- end of header marker -->
11<!-- Generated by Doxygen 1.5.6 -->
12<div class="navigation" id="top">
13  <div class="tabs">
14    <ul>
15      <li><a href="index.html"><span>Main&nbsp;Page</span></a></li>
16      <li><a href="pages.html"><span>Related&nbsp;Pages</span></a></li>
17      <li><a href="modules.html"><span>Modules</span></a></li>
18    </ul>
19  </div>
20</div>
21<div class="contents">
22<h1>hx509 revocation checking functions</h1><table border="0" cellpadding="0" cellspacing="0">
23<tr><td></td></tr>
24<tr><td colspan="2"><br><h2>Functions</h2></td></tr>
25<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__revoke.html#g83057d3c52d4b298b92571d48cf7099e">hx509_revoke_init</a> (hx509_context context, hx509_revoke_ctx *ctx)</td></tr>
26
27<tr><td class="memItemLeft" nowrap align="right" valign="top">void&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__revoke.html#gc0928df8a473e5a76fd8a2785d43ea9b">hx509_revoke_free</a> (hx509_revoke_ctx *ctx)</td></tr>
28
29<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__revoke.html#gbda08999b0473bda2077b54c96be79e9">hx509_revoke_add_ocsp</a> (hx509_context context, hx509_revoke_ctx ctx, const char *path)</td></tr>
30
31<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__revoke.html#g90c30e6adae77012e1360bb502b57c72">hx509_revoke_add_crl</a> (hx509_context context, hx509_revoke_ctx ctx, const char *path)</td></tr>
32
33<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__revoke.html#g3faf6194dc7429f8850e02b3ae2bbeeb">hx509_revoke_verify</a> (hx509_context context, hx509_revoke_ctx ctx, hx509_certs certs, time_t now, hx509_cert cert, hx509_cert parent_cert)</td></tr>
34
35<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__revoke.html#gef3bddfe2f6b619ced673cf9aef07c37">hx509_ocsp_request</a> (hx509_context context, hx509_certs reqcerts, hx509_certs pool, hx509_cert signer, const AlgorithmIdentifier *digest, heim_octet_string *request, heim_octet_string *nonce)</td></tr>
36
37<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__revoke.html#gb55b117222f61fd628744f2cd6d5a218">hx509_revoke_ocsp_print</a> (hx509_context context, const char *path, FILE *out)</td></tr>
38
39</table>
40<hr><a name="_details"></a><h2>Detailed Description</h2>
41See the <a class="el" href="page_revoke.html">Revocation methods</a> for description and examples. <hr><h2>Function Documentation</h2>
42<a class="anchor" name="gef3bddfe2f6b619ced673cf9aef07c37"></a><!-- doxytag: member="revoke.c::hx509_ocsp_request" ref="gef3bddfe2f6b619ced673cf9aef07c37" args="(hx509_context context, hx509_certs reqcerts, hx509_certs pool, hx509_cert signer, const AlgorithmIdentifier *digest, heim_octet_string *request, heim_octet_string *nonce)" -->
43<div class="memitem">
44<div class="memproto">
45      <table class="memname">
46        <tr>
47          <td class="memname">int hx509_ocsp_request           </td>
48          <td>(</td>
49          <td class="paramtype">hx509_context&nbsp;</td>
50          <td class="paramname"> <em>context</em>, </td>
51        </tr>
52        <tr>
53          <td class="paramkey"></td>
54          <td></td>
55          <td class="paramtype">hx509_certs&nbsp;</td>
56          <td class="paramname"> <em>reqcerts</em>, </td>
57        </tr>
58        <tr>
59          <td class="paramkey"></td>
60          <td></td>
61          <td class="paramtype">hx509_certs&nbsp;</td>
62          <td class="paramname"> <em>pool</em>, </td>
63        </tr>
64        <tr>
65          <td class="paramkey"></td>
66          <td></td>
67          <td class="paramtype">hx509_cert&nbsp;</td>
68          <td class="paramname"> <em>signer</em>, </td>
69        </tr>
70        <tr>
71          <td class="paramkey"></td>
72          <td></td>
73          <td class="paramtype">const AlgorithmIdentifier *&nbsp;</td>
74          <td class="paramname"> <em>digest</em>, </td>
75        </tr>
76        <tr>
77          <td class="paramkey"></td>
78          <td></td>
79          <td class="paramtype">heim_octet_string *&nbsp;</td>
80          <td class="paramname"> <em>request</em>, </td>
81        </tr>
82        <tr>
83          <td class="paramkey"></td>
84          <td></td>
85          <td class="paramtype">heim_octet_string *&nbsp;</td>
86          <td class="paramname"> <em>nonce</em></td><td>&nbsp;</td>
87        </tr>
88        <tr>
89          <td></td>
90          <td>)</td>
91          <td></td><td></td><td></td>
92        </tr>
93      </table>
94</div>
95<div class="memdoc">
96
97<p>
98Create an OCSP request for a set of certificates.<p>
99<dl compact><dt><b>Parameters:</b></dt><dd>
100  <table border="0" cellspacing="2" cellpadding="0">
101    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>a hx509 context </td></tr>
102    <tr><td valign="top"></td><td valign="top"><em>reqcerts</em>&nbsp;</td><td>list of certificates to request OCSP data for </td></tr>
103    <tr><td valign="top"></td><td valign="top"><em>pool</em>&nbsp;</td><td>certificate pool to use when signing </td></tr>
104    <tr><td valign="top"></td><td valign="top"><em>signer</em>&nbsp;</td><td>certificate to use to sign the request </td></tr>
105    <tr><td valign="top"></td><td valign="top"><em>digest</em>&nbsp;</td><td>the signing algorithm in the request; if NULL, the default signature algorithm is used. </td></tr>
106    <tr><td valign="top"></td><td valign="top"><em>request</em>&nbsp;</td><td>the encoded request, free with free_heim_octet_string(). </td></tr>
107    <tr><td valign="top"></td><td valign="top"><em>nonce</em>&nbsp;</td><td>nonce in the request, free with free_heim_octet_string().</td></tr>
108  </table>
109</dl>
110<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
111
112</div>
113</div><p>
114<a class="anchor" name="g90c30e6adae77012e1360bb502b57c72"></a><!-- doxytag: member="revoke.c::hx509_revoke_add_crl" ref="g90c30e6adae77012e1360bb502b57c72" args="(hx509_context context, hx509_revoke_ctx ctx, const char *path)" -->
115<div class="memitem">
116<div class="memproto">
117      <table class="memname">
118        <tr>
119          <td class="memname">int hx509_revoke_add_crl           </td>
120          <td>(</td>
121          <td class="paramtype">hx509_context&nbsp;</td>
122          <td class="paramname"> <em>context</em>, </td>
123        </tr>
124        <tr>
125          <td class="paramkey"></td>
126          <td></td>
127          <td class="paramtype">hx509_revoke_ctx&nbsp;</td>
128          <td class="paramname"> <em>ctx</em>, </td>
129        </tr>
130        <tr>
131          <td class="paramkey"></td>
132          <td></td>
133          <td class="paramtype">const char *&nbsp;</td>
134          <td class="paramname"> <em>path</em></td><td>&nbsp;</td>
135        </tr>
136        <tr>
137          <td></td>
138          <td>)</td>
139          <td></td><td></td><td></td>
140        </tr>
141      </table>
142</div>
143<div class="memdoc">
144
145<p>
146Add a CRL file to the revocation context.<p>
147<dl compact><dt><b>Parameters:</b></dt><dd>
148  <table border="0" cellspacing="2" cellpadding="0">
149    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>hx509 context </td></tr>
150    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>hx509 revocation context </td></tr>
151    <tr><td valign="top"></td><td valign="top"><em>path</em>&nbsp;</td><td>path to file that is going to be added to the context.</td></tr>
152  </table>
153</dl>
154<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
155
156</div>
157</div><p>
158<a class="anchor" name="gbda08999b0473bda2077b54c96be79e9"></a><!-- doxytag: member="revoke.c::hx509_revoke_add_ocsp" ref="gbda08999b0473bda2077b54c96be79e9" args="(hx509_context context, hx509_revoke_ctx ctx, const char *path)" -->
159<div class="memitem">
160<div class="memproto">
161      <table class="memname">
162        <tr>
163          <td class="memname">int hx509_revoke_add_ocsp           </td>
164          <td>(</td>
165          <td class="paramtype">hx509_context&nbsp;</td>
166          <td class="paramname"> <em>context</em>, </td>
167        </tr>
168        <tr>
169          <td class="paramkey"></td>
170          <td></td>
171          <td class="paramtype">hx509_revoke_ctx&nbsp;</td>
172          <td class="paramname"> <em>ctx</em>, </td>
173        </tr>
174        <tr>
175          <td class="paramkey"></td>
176          <td></td>
177          <td class="paramtype">const char *&nbsp;</td>
178          <td class="paramname"> <em>path</em></td><td>&nbsp;</td>
179        </tr>
180        <tr>
181          <td></td>
182          <td>)</td>
183          <td></td><td></td><td></td>
184        </tr>
185      </table>
186</div>
187<div class="memdoc">
188
189<p>
190Add an OCSP file to the revocation context.<p>
191<dl compact><dt><b>Parameters:</b></dt><dd>
192  <table border="0" cellspacing="2" cellpadding="0">
193    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>hx509 context </td></tr>
194    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>hx509 revocation context </td></tr>
195    <tr><td valign="top"></td><td valign="top"><em>path</em>&nbsp;</td><td>path to file that is going to be added to the context.</td></tr>
196  </table>
197</dl>
198<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
199
200</div>
201</div><p>
202<a class="anchor" name="gc0928df8a473e5a76fd8a2785d43ea9b"></a><!-- doxytag: member="revoke.c::hx509_revoke_free" ref="gc0928df8a473e5a76fd8a2785d43ea9b" args="(hx509_revoke_ctx *ctx)" -->
203<div class="memitem">
204<div class="memproto">
205      <table class="memname">
206        <tr>
207          <td class="memname">void hx509_revoke_free           </td>
208          <td>(</td>
209          <td class="paramtype">hx509_revoke_ctx *&nbsp;</td>
210          <td class="paramname"> <em>ctx</em>          </td>
211          <td>&nbsp;)&nbsp;</td>
212          <td></td>
213        </tr>
214      </table>
215</div>
216<div class="memdoc">
217
218<p>
219Free an hx509 revocation context.<p>
220<dl compact><dt><b>Parameters:</b></dt><dd>
221  <table border="0" cellspacing="2" cellpadding="0">
222    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>context to be freed </td></tr>
223  </table>
224</dl>
225
226</div>
227</div><p>
228<a class="anchor" name="g83057d3c52d4b298b92571d48cf7099e"></a><!-- doxytag: member="revoke.c::hx509_revoke_init" ref="g83057d3c52d4b298b92571d48cf7099e" args="(hx509_context context, hx509_revoke_ctx *ctx)" -->
229<div class="memitem">
230<div class="memproto">
231      <table class="memname">
232        <tr>
233          <td class="memname">int hx509_revoke_init           </td>
234          <td>(</td>
235          <td class="paramtype">hx509_context&nbsp;</td>
236          <td class="paramname"> <em>context</em>, </td>
237        </tr>
238        <tr>
239          <td class="paramkey"></td>
240          <td></td>
241          <td class="paramtype">hx509_revoke_ctx *&nbsp;</td>
242          <td class="paramname"> <em>ctx</em></td><td>&nbsp;</td>
243        </tr>
244        <tr>
245          <td></td>
246          <td>)</td>
247          <td></td><td></td><td></td>
248        </tr>
249      </table>
250</div>
251<div class="memdoc">
252
253<p>
254Allocate a revocation context. Free with <a class="el" href="group__hx509__revoke.html#gc0928df8a473e5a76fd8a2785d43ea9b">hx509_revoke_free()</a>.<p>
255<dl compact><dt><b>Parameters:</b></dt><dd>
256  <table border="0" cellspacing="2" cellpadding="0">
257    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
258    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>returns a newly allocated revocation context.</td></tr>
259  </table>
260</dl>
261<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
262
263</div>
264</div><p>
265<a class="anchor" name="gb55b117222f61fd628744f2cd6d5a218"></a><!-- doxytag: member="revoke.c::hx509_revoke_ocsp_print" ref="gb55b117222f61fd628744f2cd6d5a218" args="(hx509_context context, const char *path, FILE *out)" -->
266<div class="memitem">
267<div class="memproto">
268      <table class="memname">
269        <tr>
270          <td class="memname">int hx509_revoke_ocsp_print           </td>
271          <td>(</td>
272          <td class="paramtype">hx509_context&nbsp;</td>
273          <td class="paramname"> <em>context</em>, </td>
274        </tr>
275        <tr>
276          <td class="paramkey"></td>
277          <td></td>
278          <td class="paramtype">const char *&nbsp;</td>
279          <td class="paramname"> <em>path</em>, </td>
280        </tr>
281        <tr>
282          <td class="paramkey"></td>
283          <td></td>
284          <td class="paramtype">FILE *&nbsp;</td>
285          <td class="paramname"> <em>out</em></td><td>&nbsp;</td>
286        </tr>
287        <tr>
288          <td></td>
289          <td>)</td>
290          <td></td><td></td><td></td>
291        </tr>
292      </table>
293</div>
294<div class="memdoc">
295
296<p>
297Print the OCSP reply stored in a file.<p>
298<dl compact><dt><b>Parameters:</b></dt><dd>
299  <table border="0" cellspacing="2" cellpadding="0">
300    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>a hx509 context </td></tr>
301    <tr><td valign="top"></td><td valign="top"><em>path</em>&nbsp;</td><td>path to a file with an OCSP reply </td></tr>
302    <tr><td valign="top"></td><td valign="top"><em>out</em>&nbsp;</td><td>the output FILE stream to print the reply to</td></tr>
303  </table>
304</dl>
305<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
306
307</div>
308</div><p>
309<a class="anchor" name="g3faf6194dc7429f8850e02b3ae2bbeeb"></a><!-- doxytag: member="revoke.c::hx509_revoke_verify" ref="g3faf6194dc7429f8850e02b3ae2bbeeb" args="(hx509_context context, hx509_revoke_ctx ctx, hx509_certs certs, time_t now, hx509_cert cert, hx509_cert parent_cert)" -->
310<div class="memitem">
311<div class="memproto">
312      <table class="memname">
313        <tr>
314          <td class="memname">int hx509_revoke_verify           </td>
315          <td>(</td>
316          <td class="paramtype">hx509_context&nbsp;</td>
317          <td class="paramname"> <em>context</em>, </td>
318        </tr>
319        <tr>
320          <td class="paramkey"></td>
321          <td></td>
322          <td class="paramtype">hx509_revoke_ctx&nbsp;</td>
323          <td class="paramname"> <em>ctx</em>, </td>
324        </tr>
325        <tr>
326          <td class="paramkey"></td>
327          <td></td>
328          <td class="paramtype">hx509_certs&nbsp;</td>
329          <td class="paramname"> <em>certs</em>, </td>
330        </tr>
331        <tr>
332          <td class="paramkey"></td>
333          <td></td>
334          <td class="paramtype">time_t&nbsp;</td>
335          <td class="paramname"> <em>now</em>, </td>
336        </tr>
337        <tr>
338          <td class="paramkey"></td>
339          <td></td>
340          <td class="paramtype">hx509_cert&nbsp;</td>
341          <td class="paramname"> <em>cert</em>, </td>
342        </tr>
343        <tr>
344          <td class="paramkey"></td>
345          <td></td>
346          <td class="paramtype">hx509_cert&nbsp;</td>
347          <td class="paramname"> <em>parent_cert</em></td><td>&nbsp;</td>
348        </tr>
349        <tr>
350          <td></td>
351          <td>)</td>
352          <td></td><td></td><td></td>
353        </tr>
354      </table>
355</div>
356<div class="memdoc">
357
358<p>
359Check that a certificate has not been revoked according to a revocation context. The parent certificate is also needed to check the OCSP parent identifier.<p>
360<dl compact><dt><b>Parameters:</b></dt><dd>
361  <table border="0" cellspacing="2" cellpadding="0">
362    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>hx509 context </td></tr>
363    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>hx509 revocation context </td></tr>
364    <tr><td valign="top"></td><td valign="top"><em>certs</em>&nbsp;</td><td></td></tr>
365    <tr><td valign="top"></td><td valign="top"><em>now</em>&nbsp;</td><td></td></tr>
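366    <tr><td valign="top"></td><td valign="top"><em>cert</em>&nbsp;</td><td>the certificate to check </td></tr>
367    <tr><td valign="top"></td><td valign="top"><em>parent_cert</em>&nbsp;</td><td>the parent certificate of <em>cert</em>, used to check the OCSP parent identifier </td></tr>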
368  </table>
369</dl>
370<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
371
372</div>
373</div><p>
374</div>
375<hr size="1"><address style="text-align: right;"><small>
376Generated on Wed Jan 11 14:07:40 2012 for Heimdalx509library by&nbsp;<a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6</small></address>
377</body>
378</html>
379