OLD | NEW |
| (Empty) |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
4 /* | |
5 * This file defines functions associated with the PKIX_CertStore type. | |
6 * | |
7 */ | |
8 | |
9 #ifndef _PKIX_CERTSTORE_H | |
10 #define _PKIX_CERTSTORE_H | |
11 | |
12 #include "pkixt.h" | |
13 #include "certt.h" | |
14 | |
15 #ifdef __cplusplus | |
16 extern "C" { | |
17 #endif | |
18 | |
19 /* General | |
20 * | |
21 * Please refer to the libpkix Programmer's Guide for detailed information | |
22 * about how to use the libpkix library. Certain key warnings and notices from | |
23 * that document are repeated here for emphasis. | |
24 * | |
25 * All identifiers in this file (and all public identifiers defined in | |
26 * libpkix) begin with "PKIX_". Private identifiers only intended for use | |
27 * within the library begin with "pkix_". | |
28 * | |
29 * A function returns NULL upon success, and a PKIX_Error pointer upon failure. | |
30 * | |
31 * Unless otherwise noted, for all accessor (gettor) functions that return a | |
32 * PKIX_PL_Object pointer, callers should assume that this pointer refers to a | |
33 * shared object. Therefore, the caller should treat this shared object as | |
34 * read-only and should not modify this shared object. When done using the | |
35 * shared object, the caller should release the reference to the object by | |
36 * using the PKIX_PL_Object_DecRef function. | |
37 * | |
38 * While a function is executing, if its arguments (or anything referred to by | |
39 * its arguments) are modified, free'd, or destroyed, the function's behavior | |
40 * is undefined. | |
41 * | |
42 */ | |
43 | |
44 /* PKIX_CertStore | |
45 * | |
46 * A PKIX_CertStore provides a standard way for the caller to retrieve | |
47 * certificates and CRLs from a particular repository (or "store") of | |
48 * certificates and CRLs, including LDAP directories, flat files, local | |
49 * databases, etc. The CertCallback allows custom certificate retrieval logic | |
50 * to be used while the CRLCallback allows custom CRL retrieval logic to be | |
51 * used. Additionally, a CertStore can be initialized with a certStoreContext, | |
52 * which is where the caller can specify configuration data such as the host | |
53 * name of an LDAP server. Note that this certStoreContext must be an | |
54 * Object (although any object type), allowing it to be reference-counted and | |
55 * allowing it to provide the standard Object functions (Equals, Hashcode, | |
56 * ToString, Compare, Duplicate). Please note that each certStoreContext must | |
57 * provide Equals and Hashcode functions in order for the caching (on Cert and | |
58 * CertChain) to work correctly. When providing those two functions, it is not | |
59 * required that all the components of the object be hashed or checked for | |
60 * equality, but merely that the functions distinguish between unique | |
61 * instances of the certStoreContext. | |
62 * | |
63 * Once the caller has created the CertStore object, the caller then specifies | |
64 * these CertStore objects in a ProcessingParams object and passes that object | |
65 * to PKIX_ValidateChain or PKIX_BuildChain, which uses the objects to call the | |
66 * user's callback functions as needed during the validation or building | |
67 * process. | |
68 * | |
69 * The order of CertStores stored (as a list) at ProcessingParams determines | |
70 * the order in which certificates are retrieved. Trusted CertStores should | |
71 * precede non-trusted ones on the list of CertStores so their certificates | |
72 * are evaluated ahead of other certificates selected on the basis of the same | |
73 * selector criteria. | |
74 * | |
75 * The CheckTrustCallback function is used when the CertStore object | |
76 * supports trust status, which means a Cert's trust status can be altered | |
77 * dynamically. When a CertStore object is created, if the | |
78 * CheckTrustCallback is initialized to be non-NULL, this CertStore is | |
79 * defaulted as supporting trust. Then whenever a Cert needs to (re)check its | |
80 * trust status, this callback can be invoked. When a Cert is retrieved by | |
81 * a CertStore supports trust, at its GetCertCallback, the CertStore | |
82 * information should be updated in Cert's data structure so the link between | |
83 * the Cert and CertStore exists. | |
84 * | |
85 */ | |
86 | |
87 /* | |
88 * FUNCTION: PKIX_CertStore_CertCallback | |
89 * DESCRIPTION: | |
90 * | |
91 * This callback function retrieves from the CertStore pointed to by "store" | |
92 * all the certificates that match the CertSelector pointed to by "selector". | |
93 * It places these certificates in a List and stores a pointer to the List at | |
94 * "pCerts". If no certificates are found which match the CertSelector's | |
95 * criteria, this function stores an empty List at "pCerts". In either case, if | |
96 * the operation is completed, NULL is stored at "pNBIOContext". | |
97 * | |
98 * A CertStore which uses non-blocking I/O may store platform-dependent | |
99 * information at "pNBIOContext" and NULL at "pCerts" to indicate that I/O is | |
100 * pending. A subsequent call to PKIX_CertStore_CertContinue is required to | |
101 * finish the operation and to obtain the List of Certs. | |
102 * | |
103 * Note that the List returned by this function is immutable. | |
104 * | |
105 * PARAMETERS: | |
106 * "store" | |
107 * Address of CertStore from which Certs are to be retrieved. | |
108 * Must be non-NULL. | |
109 * "selector" | |
110 * Address of CertSelector whose criteria must be satisfied. | |
111 * Must be non-NULL. | |
112 * "verifyNode" | |
113 * Parent log node for tracking of filtered out certs. | |
114 * "pNBIOContext" | |
115 * Address at which platform-dependent information is stored if the | |
116 * operation is suspended for non-blocking I/O. Must be non-NULL. | |
117 * "pCerts" | |
118 * Address where object pointer will be stored. Must be non-NULL. | |
119 * "plContext" | |
120 * Platform-specific context pointer. | |
121 * THREAD SAFETY: | |
122 * Thread Safe | |
123 * | |
124 * Multiple threads must be able to safely call this function without | |
125 * worrying about conflicts, even if they're operating on the same object. | |
126 * RETURNS: | |
127 * Returns NULL if the function succeeds. | |
128 * Returns a CertStore Error if the function fails in a non-fatal way. | |
129 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
130 */ | |
131 typedef PKIX_Error * | |
132 (*PKIX_CertStore_CertCallback)( | |
133 PKIX_CertStore *store, | |
134 PKIX_CertSelector *selector, | |
135 PKIX_VerifyNode *verifyNode, | |
136 void **pNBIOContext, | |
137 PKIX_List **pCerts, /* list of PKIX_PL_Cert */ | |
138 void *plContext); | |
139 | |
140 /* | |
141 * FUNCTION: PKIX_CertStore_CertContinue | |
142 * DESCRIPTION: | |
143 * | |
144 * This function continues the non-blocking operation initiated by an earlier | |
145 * call to the CertCallback function, for the CertStore pointed to by "store". | |
146 * If an earlier call did not terminate with the WOULDBLOCK indication (non-NUL
L | |
147 * value returned in "pNBIOContext") calling this function will return a fatal | |
148 * error. If the operation is completed the certificates found are placed in a | |
149 * List, a pointer to which is stored at "pCerts". If no certificates are found | |
150 * which match the CertSelector's criteria, this function stores an empty List | |
151 * at "pCerts". In either case, if the operation is completed, NULL is stored | |
152 * at "pNBIOContext". | |
153 * | |
154 * If non-blocking I/O is still pending this function stores platform-dependent | |
155 * information at "pNBIOContext" and NULL at "pCerts". A subsequent call to | |
156 * PKIX_CertStore_CertContinue is required to finish the operation and to | |
157 * obtain the List of Certs. | |
158 * | |
159 * Note that the List returned by this function is immutable. | |
160 * | |
161 * PARAMETERS: | |
162 * "store" | |
163 * Address of CertStore from which Certs are to be retrieved. | |
164 * Must be non-NULL. | |
165 * "selector" | |
166 * Address of CertSelector whose criteria must be satisfied. | |
167 * Must be non-NULL. | |
168 * "verifyNode" | |
169 * Parent log node for tracking of filtered out certs. | |
170 * "pNBIOContext" | |
171 * Address at which platform-dependent information is stored if the | |
172 * operation is suspended for non-blocking I/O. Must be non-NULL. | |
173 * "pCerts" | |
174 * Address where object pointer will be stored. Must be non-NULL. | |
175 * "plContext" | |
176 * Platform-specific context pointer. | |
177 * THREAD SAFETY: | |
178 * Thread Safe | |
179 * | |
180 * Multiple threads must be able to safely call this function without | |
181 * worrying about conflicts, even if they're operating on the same object. | |
182 * RETURNS: | |
183 * Returns NULL if the function succeeds. | |
184 * Returns a CertStore Error if the function fails in a non-fatal way. | |
185 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
186 */ | |
187 PKIX_Error * | |
188 PKIX_CertStore_CertContinue( | |
189 PKIX_CertStore *store, | |
190 PKIX_CertSelector *selector, | |
191 PKIX_VerifyNode *verifyNode, | |
192 void **pNBIOContext, | |
193 PKIX_List **pCerts, /* list of PKIX_PL_Cert */ | |
194 void *plContext); | |
195 | |
196 typedef PKIX_Error * | |
197 (*PKIX_CertStore_CertContinueFunction)( | |
198 PKIX_CertStore *store, | |
199 PKIX_CertSelector *selector, | |
200 PKIX_VerifyNode *verifyNode, | |
201 void **pNBIOContext, | |
202 PKIX_List **pCerts, /* list of PKIX_PL_Cert */ | |
203 void *plContext); | |
204 | |
205 /* | |
206 * FUNCTION: PKIX_CertStore_CRLCallback | |
207 * DESCRIPTION: | |
208 * | |
209 * This callback function retrieves from the CertStore pointed to by "store" | |
210 * all the CRLs that match the CRLSelector pointed to by "selector". It | |
211 * places these CRLs in a List and stores a pointer to the List at "pCRLs". | |
212 * If no CRLs are found which match the CRLSelector's criteria, this function | |
213 * stores an empty List at "pCRLs". In either case, if the operation is | |
214 * completed, NULL is stored at "pNBIOContext". | |
215 * | |
216 * A CertStore which uses non-blocking I/O may store platform-dependent | |
217 * information at "pNBIOContext" and NULL at "pCrls" to indicate that I/O is | |
218 * pending. A subsequent call to PKIX_CertStore_CRLContinue is required to | |
219 * finish the operation and to obtain the List of Crls. | |
220 * | |
221 * Note that the List returned by this function is immutable. | |
222 * | |
223 * PARAMETERS: | |
224 * "store" | |
225 * Address of CertStore from which CRLs are to be retrieved. | |
226 * Must be non-NULL. | |
227 * "selector" | |
228 * Address of CRLSelector whose criteria must be satisfied. | |
229 * Must be non-NULL. | |
230 * "pCrls" | |
231 * Address where object pointer will be stored. Must be non-NULL. | |
232 * "plContext" | |
233 * Platform-specific context pointer. | |
234 * THREAD SAFETY: | |
235 * Thread Safe | |
236 * | |
237 * Multiple threads must be able to safely call this function without | |
238 * worrying about conflicts, even if they're operating on the same object. | |
239 * RETURNS: | |
240 * Returns NULL if the function succeeds. | |
241 * Returns a CertStore Error if the function fails in a non-fatal way. | |
242 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
243 */ | |
244 typedef PKIX_Error * | |
245 (*PKIX_CertStore_CRLCallback)( | |
246 PKIX_CertStore *store, | |
247 PKIX_CRLSelector *selector, | |
248 void **pNBIOContext, | |
249 PKIX_List **pCrls, /* list of PKIX_PL_CRL */ | |
250 void *plContext); | |
251 | |
252 /* | |
253 * FUNCTION: PKIX_CertStore_ImportCrlCallback | |
254 * DESCRIPTION: | |
255 * | |
256 * The function imports crl list into a cert store. Stores that | |
257 * have local cache may only have that function defined. | |
258 * | |
259 * PARAMETERS: | |
260 * "store" | |
261 * Address of CertStore from which CRLs are to be retrieved. | |
262 * Must be non-NULL. | |
263 * "issuerName" | |
264 * Name of the issuer that will be used to track bad der crls. | |
265 * "crlList" | |
266 * Address on the importing crl list. | |
267 * "plContext" | |
268 * Platform-specific context pointer. | |
269 * THREAD SAFETY: | |
270 * Thread Safe | |
271 * | |
272 * Multiple threads must be able to safely call this function without | |
273 * worrying about conflicts, even if they're operating on the same object. | |
274 * RETURNS: | |
275 * Returns NULL if the function succeeds. | |
276 * Returns a CertStore Error if the function fails in a non-fatal way. | |
277 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
278 */ | |
279 typedef PKIX_Error * | |
280 (*PKIX_CertStore_ImportCrlCallback)( | |
281 PKIX_CertStore *store, | |
282 PKIX_PL_X500Name *issuerName, | |
283 PKIX_List *crlList, | |
284 void *plContext); | |
285 | |
286 /* | |
287 * FUNCTION: PKIX_CertStore_CheckRevokationByCrlCallback | |
288 * DESCRIPTION: | |
289 * | |
290 * The function checks revocation status of a cert with specified | |
291 * issuer, date. It returns revocation status of a cert and | |
292 * a reason code(if any) if a cert was revoked. | |
293 * | |
294 * PARAMETERS: | |
295 * "store" | |
296 * Address of CertStore from which CRLs are to be retrieved. | |
297 * Must be non-NULL. | |
298 * "cert" | |
299 * Certificate which revocation status will be checked. | |
300 * "issuer" | |
301 * Issuer certificate of the "crl". | |
302 * "date" | |
303 * Date of the revocation check. | |
304 * "crlDownloadDone" | |
305 * Indicates, that all needed crl downloads are done by the time of | |
306 * the revocation check. | |
307 * "reasonCode" | |
308 * If cert is revoked, returned reason code for which a cert was revoked. | |
309 * "revStatus" | |
310 * Returned revocation status of the cert. See PKIX_RevocationStatus | |
311 * for more details | |
312 * "plContext" | |
313 * Platform-specific context pointer. | |
314 * THREAD SAFETY: | |
315 * Thread Safe | |
316 * | |
317 * Multiple threads must be able to safely call this function without | |
318 * worrying about conflicts, even if they're operating on the same object. | |
319 * RETURNS: | |
320 * Returns NULL if the function succeeds. | |
321 * Returns a CertStore Error if the function fails in a non-fatal way. | |
322 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
323 */ | |
324 typedef PKIX_Error * | |
325 (*PKIX_CertStore_CheckRevokationByCrlCallback)( | |
326 PKIX_CertStore *store, | |
327 PKIX_PL_Cert *cert, | |
328 PKIX_PL_Cert *issuer, | |
329 PKIX_PL_Date *date, | |
330 PKIX_Boolean crlDownloadDone, | |
331 CERTCRLEntryReasonCode *reasonCode, | |
332 PKIX_RevocationStatus *revStatus, | |
333 void *plContext); | |
334 | |
335 /* | |
336 * FUNCTION: PKIX_CertStore_CrlContinue | |
337 * DESCRIPTION: | |
338 * | |
339 * This function continues the non-blocking operation initiated by an earlier | |
340 * call to the CRLCallback function, for the CertStore pointed to by "store". | |
341 * If an earlier call did not terminate with the WOULDBLOCK indication (non-NUL
L | |
342 * value returned in "pNBIOContext") calling this function will return a fatal | |
343 * error. If the operation is completed the crls found are placed in a List, a | |
344 * pointer to which is stored at "pCrls". If no crls are found which match the | |
345 * CRLSelector's criteria, this function stores an empty List at "pCrls". In | |
346 * either case, if the operation is completed, NULL is stored at "pNBIOContext"
. | |
347 * | |
348 * If non-blocking I/O is still pending this function stores platform-dependent | |
349 * information at "pNBIOContext" and NULL at "pCrls". A subsequent call to | |
350 * PKIX_CertStore_CrlContinue is required to finish the operation and to | |
351 * obtain the List of Crls. | |
352 * | |
353 * Note that the List returned by this function is immutable. | |
354 * | |
355 * PARAMETERS: | |
356 * "store" | |
357 * Address of CertStore from which Crls are to be retrieved. | |
358 * Must be non-NULL. | |
359 * "selector" | |
360 * Address of CRLSelector whose criteria must be satisfied. | |
361 * Must be non-NULL. | |
362 * "pNBIOContext" | |
363 * Address at which platform-dependent information is stored if the | |
364 * operation is suspended for non-blocking I/O. Must be non-NULL. | |
365 * "pCrls" | |
366 * Address where object pointer will be stored. Must be non-NULL. | |
367 * "plContext" | |
368 * Platform-specific context pointer. | |
369 * THREAD SAFETY: | |
370 * Thread Safe | |
371 * | |
372 * Multiple threads must be able to safely call this function without | |
373 * worrying about conflicts, even if they're operating on the same object. | |
374 * RETURNS: | |
375 * Returns NULL if the function succeeds. | |
376 * Returns a CertStore Error if the function fails in a non-fatal way. | |
377 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
378 */ | |
379 PKIX_Error * | |
380 PKIX_CertStore_CrlContinue( | |
381 PKIX_CertStore *store, | |
382 PKIX_CRLSelector *selector, | |
383 void **pNBIOContext, | |
384 PKIX_List **pCrls, /* list of PKIX_PL_CRL */ | |
385 void *plContext); | |
386 | |
387 typedef PKIX_Error * | |
388 (*PKIX_CertStore_CrlContinueFunction)( | |
389 PKIX_CertStore *store, | |
390 PKIX_CRLSelector *selector, | |
391 void **pNBIOContext, | |
392 PKIX_List **pCrls, /* list of PKIX_PL_CRL */ | |
393 void *plContext); | |
394 | |
395 /* | |
396 * FUNCTION: PKIX_CertStore_CheckTrustCallback | |
397 * DESCRIPTION: | |
398 * | |
399 * This callback function rechecks "cert's" trust status from the CertStore | |
400 * pointed to by "store". | |
401 * | |
402 * PARAMETERS: | |
403 * "store" | |
404 * Address of CertStore from which Certs are to be checked. | |
405 * Must be non-NULL. | |
406 * "cert" | |
407 * Address of Cert whose trust status needs to be rechecked. | |
408 * Must be non-NULL. | |
409 * "pTrusted" | |
410 * Address of PKIX_Boolean where the trust status is returned. | |
411 * Must be non-NULL. | |
412 * "plContext" | |
413 * Platform-specific context pointer. | |
414 * THREAD SAFETY: | |
415 * Thread Safe | |
416 * | |
417 * Multiple threads must be able to safely call this function without | |
418 * worrying about conflicts, even if they're operating on the same object. | |
419 * RETURNS: | |
420 * Returns NULL if the function succeeds. | |
421 * Returns a CertStore Error if the function fails in a non-fatal way. | |
422 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
423 */ | |
424 typedef PKIX_Error * | |
425 (*PKIX_CertStore_CheckTrustCallback)( | |
426 PKIX_CertStore *store, | |
427 PKIX_PL_Cert *cert, | |
428 PKIX_Boolean *pTrusted, | |
429 void *plContext); | |
430 | |
431 /* | |
432 * FUNCTION: PKIX_CertStore_Create | |
433 * DESCRIPTION: | |
434 * | |
435 * Creates a new CertStore and stores it at "pStore". The new CertStore uses | |
436 * the CertCallback pointed to by "certCallback" and the CRLCallback pointed | |
437 * to by "crlCallback" as its callback functions and uses the Object pointed | |
438 * to by "certStoreContext" as its context . Note that this certStoreContext | |
439 * must be an Object (although any object type), allowing it to be | |
440 * reference-counted and allowing it to provide the standard Object functions | |
441 * (Equals, Hashcode, ToString, Compare, Duplicate). Once created, a | |
442 * CertStore object is immutable, although the underlying repository can | |
443 * change. For example, a CertStore will often be a front-end for a database | |
444 * or directory. The contents of that directory can change after the | |
445 * CertStore object is created, but the CertStore object remains immutable. | |
446 * | |
447 * PARAMETERS: | |
448 * "certCallback" | |
449 * The CertCallback function to be used. Must be non-NULL. | |
450 * "crlCallback" | |
451 * The CRLCallback function to be used. Must be non-NULL. | |
452 * "certContinue" | |
453 * The function to be used to resume a certCallback that returned with a | |
454 * WOULDBLOCK condition. Must be non-NULL if certStore supports non-blockin
g | |
455 * I/O. | |
456 * "crlContinue" | |
457 * The function to be used to resume a crlCallback that returned with a | |
458 * WOULDBLOCK condition. Must be non-NULL if certStore supports non-blockin
g | |
459 * I/O. | |
460 * "trustCallback" | |
461 * Address of PKIX_CertStore_CheckTrustCallback which is called to | |
462 * verify the trust status of Certs in this CertStore. | |
463 * "certStoreContext" | |
464 * Address of Object representing the CertStore's context (if any). | |
465 * "cachedFlag" | |
466 * If TRUE indicates data retrieved from CertStore should be cached. | |
467 * "localFlag" | |
468 * Boolean value indicating whether this CertStore is local. | |
469 * "pStore" | |
470 * Address where object pointer will be stored. Must be non-NULL. | |
471 * "plContext" | |
472 * Platform-specific context pointer. | |
473 * THREAD SAFETY: | |
474 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |
475 * RETURNS: | |
476 * Returns NULL if the function succeeds. | |
477 * Returns a CertStore Error if the function fails in a non-fatal way. | |
478 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
479 */ | |
480 PKIX_Error * | |
481 PKIX_CertStore_Create( | |
482 PKIX_CertStore_CertCallback certCallback, | |
483 PKIX_CertStore_CRLCallback crlCallback, | |
484 PKIX_CertStore_CertContinueFunction certContinue, | |
485 PKIX_CertStore_CrlContinueFunction crlContinue, | |
486 PKIX_CertStore_CheckTrustCallback trustCallback, | |
487 PKIX_CertStore_ImportCrlCallback importCrlCallback, | |
488 PKIX_CertStore_CheckRevokationByCrlCallback checkRevByCrlCallback, | |
489 PKIX_PL_Object *certStoreContext, | |
490 PKIX_Boolean cachedFlag, | |
491 PKIX_Boolean localFlag, | |
492 PKIX_CertStore **pStore, | |
493 void *plContext); | |
494 | |
495 /* | |
496 * FUNCTION: PKIX_CertStore_GetCertCallback | |
497 * DESCRIPTION: | |
498 * | |
499 * Retrieves a pointer to "store's" Cert callback function and put it in | |
500 * "pCallback". | |
501 * | |
502 * PARAMETERS: | |
503 * "store" | |
504 * The CertStore whose Cert callback is desired. Must be non-NULL. | |
505 * "pCallback" | |
506 * Address where Cert callback function pointer will be stored. | |
507 * Must be non-NULL. | |
508 * "plContext" | |
509 * Platform-specific context pointer. | |
510 * THREAD SAFETY: | |
511 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |
512 * RETURNS: | |
513 * Returns NULL if the function succeeds. | |
514 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
515 */ | |
516 PKIX_Error * | |
517 PKIX_CertStore_GetCertCallback( | |
518 PKIX_CertStore *store, | |
519 PKIX_CertStore_CertCallback *pCallback, | |
520 void *plContext); | |
521 | |
522 /* | |
523 * FUNCTION: PKIX_CertStore_GetCRLCallback | |
524 * DESCRIPTION: | |
525 * | |
526 * Retrieves a pointer to "store's" CRL callback function and put it in | |
527 * "pCallback". | |
528 * | |
529 * PARAMETERS: | |
530 * "store" | |
531 * The CertStore whose CRL callback is desired. Must be non-NULL. | |
532 * "pCallback" | |
533 * Address where CRL callback function pointer will be stored. | |
534 * Must be non-NULL. | |
535 * "plContext" | |
536 * Platform-specific context pointer. | |
537 * THREAD SAFETY: | |
538 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |
539 * RETURNS: | |
540 * Returns NULL if the function succeeds. | |
541 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
542 */ | |
543 PKIX_Error * | |
544 PKIX_CertStore_GetCRLCallback( | |
545 PKIX_CertStore *store, | |
546 PKIX_CertStore_CRLCallback *pCallback, | |
547 void *plContext); | |
548 | |
549 /* | |
550 * FUNCTION: PKIX_CertStore_GetImportCrlCallback | |
551 * DESCRIPTION: | |
552 * | |
553 * Retrieves a pointer to "store's" Import CRL callback function and put it in | |
554 * "pCallback". | |
555 * | |
556 * PARAMETERS: | |
557 * "store" | |
558 * The CertStore whose CRL callback is desired. Must be non-NULL. | |
559 * "pCallback" | |
560 * Address where CRL callback function pointer will be stored. | |
561 * Must be non-NULL. | |
562 * "plContext" | |
563 * Platform-specific context pointer. | |
564 * THREAD SAFETY: | |
565 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |
566 * RETURNS: | |
567 * Returns NULL if the function succeeds. | |
568 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
569 */ | |
570 PKIX_Error * | |
571 PKIX_CertStore_GetImportCrlCallback( | |
572 PKIX_CertStore *store, | |
573 PKIX_CertStore_ImportCrlCallback *pCallback, | |
574 void *plContext); | |
575 | |
576 /* | |
577 * FUNCTION: PKIX_CertStore_GetCheckRevByCrl | |
578 * DESCRIPTION: | |
579 * | |
580 * Retrieves a pointer to "store's" CRL revocation checker callback function | |
581 * and put it in "pCallback". | |
582 * | |
583 * PARAMETERS: | |
584 * "store" | |
585 * The CertStore whose CRL callback is desired. Must be non-NULL. | |
586 * "pCallback" | |
587 * Address where CRL callback function pointer will be stored. | |
588 * Must be non-NULL. | |
589 * "plContext" | |
590 * Platform-specific context pointer. | |
591 * THREAD SAFETY: | |
592 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |
593 * RETURNS: | |
594 * Returns NULL if the function succeeds. | |
595 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
596 */ | |
597 PKIX_Error * | |
598 PKIX_CertStore_GetCrlCheckerFn( | |
599 PKIX_CertStore *store, | |
600 PKIX_CertStore_CheckRevokationByCrlCallback *pCallback, | |
601 void *plContext); | |
602 | |
603 /* | |
604 * FUNCTION: PKIX_CertStore_GetTrustCallback | |
605 * DESCRIPTION: | |
606 * | |
607 * Retrieves the function pointer to the CheckTrust callback function of the | |
608 * CertStore pointed to by "store" and stores it at "pCallback". | |
609 * | |
610 * PARAMETERS: | |
611 * "store" | |
612 * The CertStore whose CheckTrust callback is desired. Must be non-NULL. | |
613 * "pCallback" | |
614 * Address where CheckTrust callback function pointer will be stored. | |
615 * Must be non-NULL. | |
616 * "plContext" | |
617 * Platform-specific context pointer. | |
618 * THREAD SAFETY: | |
619 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |
620 * RETURNS: | |
621 * Returns NULL if the function succeeds. | |
622 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
623 */ | |
624 PKIX_Error * | |
625 PKIX_CertStore_GetTrustCallback( | |
626 PKIX_CertStore *store, | |
627 PKIX_CertStore_CheckTrustCallback *pCallback, | |
628 void *plContext); | |
629 | |
630 /* | |
631 * FUNCTION: PKIX_CertStore_GetCertStoreContext | |
632 * DESCRIPTION: | |
633 * | |
634 * Retrieves a pointer to the Object representing the context (if any) | |
635 * of the CertStore pointed to by "store" and stores it at | |
636 * "pCertStoreContext". | |
637 * | |
638 * PARAMETERS: | |
639 * "store" | |
640 * Address of CertStore whose context is to be stored. Must be non-NULL. | |
641 * "pCertStoreContext" | |
642 * Address where object pointer will be stored. Must be non-NULL. | |
643 * "plContext" | |
644 * Platform-specific context pointer. | |
645 * THREAD SAFETY: | |
646 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |
647 * RETURNS: | |
648 * Returns NULL if the function succeeds. | |
649 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
650 */ | |
651 PKIX_Error * | |
652 PKIX_CertStore_GetCertStoreContext( | |
653 PKIX_CertStore *store, | |
654 PKIX_PL_Object **pCertStoreContext, | |
655 void *plContext); | |
656 | |
657 /* | |
658 * FUNCTION: PKIX_CertStore_GetCertStoreCacheFlag | |
659 * DESCRIPTION: | |
660 * | |
661 * Retrieves the Boolean cache flag of the CertStore pointed to by "store" and | |
662 * stores it at "pCachedFlag". | |
663 * | |
664 * PARAMETERS: | |
665 * "store" | |
666 * Address of CertStore whose cache flag is to be stored. Must be non-NULL. | |
667 * "pCacheFlag" | |
668 * Address where the result will be stored. Must be non-NULL. | |
669 * "plContext" | |
670 * Platform-specific context pointer. | |
671 * THREAD SAFETY: | |
672 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |
673 * RETURNS: | |
674 * Returns NULL if the function succeeds. | |
675 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
676 */ | |
677 PKIX_Error * | |
678 PKIX_CertStore_GetCertStoreCacheFlag( | |
679 PKIX_CertStore *store, | |
680 PKIX_Boolean *pCacheFlag, | |
681 void *plContext); | |
682 | |
683 /* | |
684 * FUNCTION: PKIX_CertStore_GetLocalFlag | |
685 * DESCRIPTION: | |
686 * | |
687 * Retrieves the Boolean localFlag for the CertStore pointed to by "store" and | |
688 * stores it at "pLocalFlag". The localFlag is TRUE if the CertStore can | |
689 * fulfill a request without performing network I/O. | |
690 * | |
691 * PARAMETERS: | |
692 * "store" | |
693 * The CertStore whose Local flag is desired. Must be non-NULL. | |
694 * "pCallback" | |
695 * Address where the Boolean LocalFlag will be stored. Must be non-NULL. | |
696 * "plContext" | |
697 * Platform-specific context pointer. | |
698 * THREAD SAFETY: | |
699 * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |
700 * RETURNS: | |
701 * Returns NULL if the function succeeds. | |
702 * Returns a Fatal Error if the function fails in an unrecoverable way. | |
703 */ | |
704 PKIX_Error * | |
705 PKIX_CertStore_GetLocalFlag( | |
706 PKIX_CertStore *store, | |
707 PKIX_Boolean *pLocalFlag, | |
708 void *plContext); | |
709 | |
710 #ifdef __cplusplus | |
711 } | |
712 #endif | |
713 | |
714 #endif /* _PKIX_CERTSTORE_H */ | |
OLD | NEW |