pkixt.h (17198B)
1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 /* 5 * This file defines the types in the libpkix API. 6 * XXX Maybe we should specify the API version number in all API header files 7 * 8 */ 9 10 #ifndef _PKIXT_H 11 #define _PKIXT_H 12 13 #ifdef __cplusplus 14 extern "C" { 15 #endif 16 17 #include "secerr.h" 18 19 /* Types 20 * 21 * This header file provides typedefs for the abstract types used by libpkix. 22 * It also provides several useful macros. 23 * 24 * Note that all these abstract types are typedef'd as opaque structures. This 25 * is intended to discourage the caller from looking at the contents directly, 26 * since the format of the contents may change from one version of the library 27 * to the next. Instead, callers should only access these types using the 28 * functions defined in the public header files. 29 * 30 * An instance of an abstract type defined in this file is called an "object" 31 * here, although C does not have real support for objects. 32 * 33 * Because C does not typically have automatic garbage collection, the caller 34 * is expected to release the reference to any object that they create or that 35 * is returned to them by a libpkix function. The caller should do this by 36 * using the PKIX_PL_Object_DecRef function. Note that the caller should not 37 * release the reference to an object if the object has been passed to a 38 * libpkix function and that function has not returned. 39 * 40 * Please refer to libpkix Programmer's Guide for more details. 41 */ 42 43 /* Version 44 * 45 * These macros specify the major and minor version of the libpkix API defined 46 * by this header file. 47 */ 48 49 #define PKIX_MAJOR_VERSION ((PKIX_UInt32) 0) 50 #define PKIX_MINOR_VERSION ((PKIX_UInt32) 3) 51 52 /* Maximum minor version 53 * 54 * This macro is used to specify that the caller wants the largest minor 55 * version available. 56 */ 57 58 #define PKIX_MAX_MINOR_VERSION ((PKIX_UInt32) 4000000000) 59 60 /* Define Cert Store type for database access */ 61 #define PKIX_STORE_TYPE_NONE 0 62 #define PKIX_STORE_TYPE_PK11 1 63 64 /* Portable Code (PC) data types 65 * 66 * These types are used to perform the primary operations of this library: 67 * building and validating chains of X.509 certificates. 68 */ 69 70 typedef struct PKIX_ErrorStruct PKIX_Error; 71 typedef struct PKIX_ProcessingParamsStruct PKIX_ProcessingParams; 72 typedef struct PKIX_ValidateParamsStruct PKIX_ValidateParams; 73 typedef struct PKIX_ValidateResultStruct PKIX_ValidateResult; 74 typedef struct PKIX_ResourceLimitsStruct PKIX_ResourceLimits; 75 typedef struct PKIX_BuildResultStruct PKIX_BuildResult; 76 typedef struct PKIX_CertStoreStruct PKIX_CertStore; 77 typedef struct PKIX_CertChainCheckerStruct PKIX_CertChainChecker; 78 typedef struct PKIX_RevocationCheckerStruct PKIX_RevocationChecker; 79 typedef struct PKIX_CertSelectorStruct PKIX_CertSelector; 80 typedef struct PKIX_CRLSelectorStruct PKIX_CRLSelector; 81 typedef struct PKIX_ComCertSelParamsStruct PKIX_ComCertSelParams; 82 typedef struct PKIX_ComCRLSelParamsStruct PKIX_ComCRLSelParams; 83 typedef struct PKIX_TrustAnchorStruct PKIX_TrustAnchor; 84 typedef struct PKIX_PolicyNodeStruct PKIX_PolicyNode; 85 typedef struct PKIX_LoggerStruct PKIX_Logger; 86 typedef struct PKIX_ListStruct PKIX_List; 87 typedef struct PKIX_ForwardBuilderStateStruct PKIX_ForwardBuilderState; 88 typedef struct PKIX_DefaultRevocationCheckerStruct 89 PKIX_DefaultRevocationChecker; 90 typedef struct PKIX_VerifyNodeStruct PKIX_VerifyNode; 91 92 /* Portability Layer (PL) data types 93 * 94 * These types are used are used as portable data types that are defined 95 * consistently across platforms 96 */ 97 98 typedef struct PKIX_PL_NssContextStruct PKIX_PL_NssContext; 99 typedef struct PKIX_PL_ObjectStruct PKIX_PL_Object; 100 typedef struct PKIX_PL_ByteArrayStruct PKIX_PL_ByteArray; 101 typedef struct PKIX_PL_HashTableStruct PKIX_PL_HashTable; 102 typedef struct PKIX_PL_MutexStruct PKIX_PL_Mutex; 103 typedef struct PKIX_PL_RWLockStruct PKIX_PL_RWLock; 104 typedef struct PKIX_PL_MonitorLockStruct PKIX_PL_MonitorLock; 105 typedef struct PKIX_PL_BigIntStruct PKIX_PL_BigInt; 106 typedef struct PKIX_PL_StringStruct PKIX_PL_String; 107 typedef struct PKIX_PL_OIDStruct PKIX_PL_OID; 108 typedef struct PKIX_PL_CertStruct PKIX_PL_Cert; 109 typedef struct PKIX_PL_GeneralNameStruct PKIX_PL_GeneralName; 110 typedef struct PKIX_PL_X500NameStruct PKIX_PL_X500Name; 111 typedef struct PKIX_PL_PublicKeyStruct PKIX_PL_PublicKey; 112 typedef struct PKIX_PL_DateStruct PKIX_PL_Date; 113 typedef struct PKIX_PL_CertNameConstraintsStruct PKIX_PL_CertNameConstraints; 114 typedef struct PKIX_PL_CertBasicConstraintsStruct PKIX_PL_CertBasicConstraints; 115 typedef struct PKIX_PL_CertPoliciesStruct PKIX_PL_CertPolicies; 116 typedef struct PKIX_PL_CertPolicyInfoStruct PKIX_PL_CertPolicyInfo; 117 typedef struct PKIX_PL_CertPolicyQualifierStruct PKIX_PL_CertPolicyQualifier; 118 typedef struct PKIX_PL_CertPolicyMapStruct PKIX_PL_CertPolicyMap; 119 typedef struct PKIX_PL_CRLStruct PKIX_PL_CRL; 120 typedef struct PKIX_PL_CRLEntryStruct PKIX_PL_CRLEntry; 121 typedef struct PKIX_PL_CollectionCertStoreStruct PKIX_PL_CollectionCertStore; 122 typedef struct PKIX_PL_CollectionCertStoreContext 123 PKIX_PL_CollectionCertStoreContext; 124 typedef struct PKIX_PL_LdapCertStoreContext PKIX_PL_LdapCertStoreContext; 125 typedef struct PKIX_PL_LdapRequestStruct PKIX_PL_LdapRequest; 126 typedef struct PKIX_PL_LdapResponseStruct PKIX_PL_LdapResponse; 127 typedef struct PKIX_PL_LdapDefaultClientStruct PKIX_PL_LdapDefaultClient; 128 typedef struct PKIX_PL_SocketStruct PKIX_PL_Socket; 129 typedef struct PKIX_PL_InfoAccessStruct PKIX_PL_InfoAccess; 130 typedef struct PKIX_PL_AIAMgrStruct PKIX_PL_AIAMgr; 131 typedef struct PKIX_PL_OcspCertIDStruct PKIX_PL_OcspCertID; 132 typedef struct PKIX_PL_OcspRequestStruct PKIX_PL_OcspRequest; 133 typedef struct PKIX_PL_OcspResponseStruct PKIX_PL_OcspResponse; 134 typedef struct PKIX_PL_HttpClientStruct PKIX_PL_HttpClient; 135 typedef struct PKIX_PL_HttpDefaultClientStruct PKIX_PL_HttpDefaultClient; 136 typedef struct PKIX_PL_HttpCertStoreContextStruct PKIX_PL_HttpCertStoreContext; 137 138 /* Primitive types 139 * 140 * In order to guarantee desired behavior as well as platform-independence, we 141 * typedef these types depending on the platform. XXX This needs more work! 142 */ 143 144 /* XXX Try compiling these files (and maybe the whole libpkix-nss) on Win32. 145 * We don't know what type is at least 32 bits long. ISO C probably requires 146 * at least 32 bits for long. we could default to that and only list platforms 147 * where that's not true. 148 * 149 * #elif 150 * #error 151 * #endif 152 */ 153 154 /* currently, int is 32 bits on all our supported platforms */ 155 156 typedef unsigned int PKIX_UInt32; 157 typedef int PKIX_Int32; 158 159 typedef int PKIX_Boolean; 160 161 /* Object Types 162 * 163 * Every reference-counted PKIX_PL_Object is associated with an integer type. 164 */ 165 #define PKIX_TYPES \ 166 TYPEMACRO(AIAMGR), \ 167 TYPEMACRO(BASICCONSTRAINTSCHECKERSTATE), \ 168 TYPEMACRO(BIGINT), \ 169 TYPEMACRO(BUILDRESULT), \ 170 TYPEMACRO(BYTEARRAY), \ 171 TYPEMACRO(CERT), \ 172 TYPEMACRO(CERTBASICCONSTRAINTS), \ 173 TYPEMACRO(CERTCHAINCHECKER), \ 174 TYPEMACRO(CERTNAMECONSTRAINTS), \ 175 TYPEMACRO(CERTNAMECONSTRAINTSCHECKERSTATE), \ 176 TYPEMACRO(CERTPOLICYCHECKERSTATE), \ 177 TYPEMACRO(CERTPOLICYINFO), \ 178 TYPEMACRO(CERTPOLICYMAP), \ 179 TYPEMACRO(CERTPOLICYNODE), \ 180 TYPEMACRO(CERTPOLICYQUALIFIER), \ 181 TYPEMACRO(CERTSELECTOR), \ 182 TYPEMACRO(CERTSTORE), \ 183 TYPEMACRO(COLLECTIONCERTSTORECONTEXT), \ 184 TYPEMACRO(COMCERTSELPARAMS), \ 185 TYPEMACRO(COMCRLSELPARAMS), \ 186 TYPEMACRO(CRL), \ 187 TYPEMACRO(CRLDP), \ 188 TYPEMACRO(CRLENTRY), \ 189 TYPEMACRO(CRLSELECTOR), \ 190 TYPEMACRO(DATE), \ 191 TYPEMACRO(CRLCHECKER), \ 192 TYPEMACRO(EKUCHECKER), \ 193 TYPEMACRO(ERROR), \ 194 TYPEMACRO(FORWARDBUILDERSTATE), \ 195 TYPEMACRO(GENERALNAME), \ 196 TYPEMACRO(HASHTABLE), \ 197 TYPEMACRO(HTTPCERTSTORECONTEXT), \ 198 TYPEMACRO(HTTPDEFAULTCLIENT), \ 199 TYPEMACRO(INFOACCESS), \ 200 TYPEMACRO(LDAPDEFAULTCLIENT), \ 201 TYPEMACRO(LDAPREQUEST), \ 202 TYPEMACRO(LDAPRESPONSE), \ 203 TYPEMACRO(LIST), \ 204 TYPEMACRO(LOGGER), \ 205 TYPEMACRO(MONITORLOCK), \ 206 TYPEMACRO(MUTEX), \ 207 TYPEMACRO(OBJECT), \ 208 TYPEMACRO(OCSPCERTID), \ 209 TYPEMACRO(OCSPCHECKER), \ 210 TYPEMACRO(OCSPREQUEST), \ 211 TYPEMACRO(OCSPRESPONSE), \ 212 TYPEMACRO(OID), \ 213 TYPEMACRO(REVOCATIONCHECKER), \ 214 TYPEMACRO(PROCESSINGPARAMS), \ 215 TYPEMACRO(PUBLICKEY), \ 216 TYPEMACRO(RESOURCELIMITS), \ 217 TYPEMACRO(RWLOCK), \ 218 TYPEMACRO(SIGNATURECHECKERSTATE), \ 219 TYPEMACRO(SOCKET), \ 220 TYPEMACRO(STRING), \ 221 TYPEMACRO(TARGETCERTCHECKERSTATE), \ 222 TYPEMACRO(TRUSTANCHOR), \ 223 TYPEMACRO(VALIDATEPARAMS), \ 224 TYPEMACRO(VALIDATERESULT), \ 225 TYPEMACRO(VERIFYNODE), \ 226 TYPEMACRO(X500NAME) 227 228 #define TYPEMACRO(type) PKIX_ ## type ## _TYPE 229 230 typedef enum { /* Now invoke all those TYPEMACROs to assign the numbers */ 231 PKIX_TYPES, 232 PKIX_NUMTYPES /* This gets PKIX_NUMTYPES defined as the total number */ 233 } PKIX_TYPENUM; 234 235 236 #ifdef PKIX_USER_OBJECT_TYPE 237 238 /* User Define Object Types 239 * 240 * User may define their own object types offset from PKIX_USER_OBJECT_TYPE 241 */ 242 #define PKIX_USER_OBJECT_TYPEBASE 1000 243 244 #endif /* PKIX_USER_OBJECT_TYPE */ 245 246 /* Error Codes 247 * 248 * This list is used to define a set of PKIX_Error exception class numbers. 249 * ERRMACRO is redefined to produce a corresponding set of 250 * strings in the table "const char *PKIX_ERRORCLASSNAMES[PKIX_NUMERRORCLASSES]" in 251 * pkix_error.c. For example, since the fifth ERRMACRO entry is MUTEX, then 252 * PKIX_MUTEX_ERROR is defined in pkixt.h as 4, and PKIX_ERRORCLASSNAMES[4] is 253 * initialized in pkix_error.c with the value "MUTEX". 254 */ 255 #define PKIX_ERRORCLASSES \ 256 ERRMACRO(AIAMGR), \ 257 ERRMACRO(BASICCONSTRAINTSCHECKERSTATE), \ 258 ERRMACRO(BIGINT), \ 259 ERRMACRO(BUILD), \ 260 ERRMACRO(BUILDRESULT), \ 261 ERRMACRO(BYTEARRAY), \ 262 ERRMACRO(CERT), \ 263 ERRMACRO(CERTBASICCONSTRAINTS), \ 264 ERRMACRO(CERTCHAINCHECKER), \ 265 ERRMACRO(CERTNAMECONSTRAINTS), \ 266 ERRMACRO(CERTNAMECONSTRAINTSCHECKERSTATE), \ 267 ERRMACRO(CERTPOLICYCHECKERSTATE), \ 268 ERRMACRO(CERTPOLICYINFO), \ 269 ERRMACRO(CERTPOLICYMAP), \ 270 ERRMACRO(CERTPOLICYNODE), \ 271 ERRMACRO(CERTPOLICYQUALIFIER), \ 272 ERRMACRO(CERTSELECTOR), \ 273 ERRMACRO(CERTSTORE), \ 274 ERRMACRO(CERTVFYPKIX), \ 275 ERRMACRO(COLLECTIONCERTSTORECONTEXT), \ 276 ERRMACRO(COMCERTSELPARAMS), \ 277 ERRMACRO(COMCRLSELPARAMS), \ 278 ERRMACRO(CONTEXT), \ 279 ERRMACRO(CRL), \ 280 ERRMACRO(CRLDP), \ 281 ERRMACRO(CRLENTRY), \ 282 ERRMACRO(CRLSELECTOR), \ 283 ERRMACRO(CRLCHECKER), \ 284 ERRMACRO(DATE), \ 285 ERRMACRO(EKUCHECKER), \ 286 ERRMACRO(ERROR), \ 287 ERRMACRO(FATAL), \ 288 ERRMACRO(FORWARDBUILDERSTATE), \ 289 ERRMACRO(GENERALNAME), \ 290 ERRMACRO(HASHTABLE), \ 291 ERRMACRO(HTTPCERTSTORECONTEXT), \ 292 ERRMACRO(HTTPDEFAULTCLIENT), \ 293 ERRMACRO(INFOACCESS), \ 294 ERRMACRO(LDAPCLIENT), \ 295 ERRMACRO(LDAPDEFAULTCLIENT), \ 296 ERRMACRO(LDAPREQUEST), \ 297 ERRMACRO(LDAPRESPONSE), \ 298 ERRMACRO(LIFECYCLE), \ 299 ERRMACRO(LIST), \ 300 ERRMACRO(LOGGER), \ 301 ERRMACRO(MEM), \ 302 ERRMACRO(MONITORLOCK), \ 303 ERRMACRO(MUTEX), \ 304 ERRMACRO(OBJECT), \ 305 ERRMACRO(OCSPCERTID), \ 306 ERRMACRO(OCSPCHECKER), \ 307 ERRMACRO(OCSPREQUEST), \ 308 ERRMACRO(OCSPRESPONSE), \ 309 ERRMACRO(OID), \ 310 ERRMACRO(PROCESSINGPARAMS), \ 311 ERRMACRO(PUBLICKEY), \ 312 ERRMACRO(RESOURCELIMITS), \ 313 ERRMACRO(REVOCATIONMETHOD), \ 314 ERRMACRO(REVOCATIONCHECKER), \ 315 ERRMACRO(RWLOCK), \ 316 ERRMACRO(SIGNATURECHECKERSTATE), \ 317 ERRMACRO(SOCKET), \ 318 ERRMACRO(STRING), \ 319 ERRMACRO(TARGETCERTCHECKERSTATE), \ 320 ERRMACRO(TRUSTANCHOR), \ 321 ERRMACRO(USERDEFINEDMODULES), \ 322 ERRMACRO(VALIDATE), \ 323 ERRMACRO(VALIDATEPARAMS), \ 324 ERRMACRO(VALIDATERESULT), \ 325 ERRMACRO(VERIFYNODE), \ 326 ERRMACRO(X500NAME) 327 328 #define ERRMACRO(type) PKIX_ ## type ## _ERROR 329 330 typedef enum { /* Now invoke all those ERRMACROs to assign the numbers */ 331 PKIX_ERRORCLASSES, 332 PKIX_NUMERRORCLASSES /* This gets PKIX_NUMERRORCLASSES defined as the total number */ 333 } PKIX_ERRORCLASS; 334 335 /* Now define error strings (for internationalization) */ 336 337 #define PKIX_ERRORENTRY(name,desc,plerr) PKIX_ ## name 338 339 /* Define all the error numbers */ 340 typedef enum { 341 #include "pkix_errorstrings.h" 342 , PKIX_NUMERRORCODES 343 } PKIX_ERRORCODE; 344 345 extern const char * const PKIX_ErrorText[]; 346 347 /* String Formats 348 * 349 * These formats specify supported encoding formats for Strings. 350 */ 351 352 #define PKIX_ESCASCII 0 353 #define PKIX_UTF8 1 354 #define PKIX_UTF16 2 355 #define PKIX_UTF8_NULL_TERM 3 356 #define PKIX_ESCASCII_DEBUG 4 357 358 /* Name Types 359 * 360 * These types specify supported formats for GeneralNames. 361 */ 362 363 #define PKIX_OTHER_NAME 1 364 #define PKIX_RFC822_NAME 2 365 #define PKIX_DNS_NAME 3 366 #define PKIX_X400_ADDRESS 4 367 #define PKIX_DIRECTORY_NAME 5 368 #define PKIX_EDIPARTY_NAME 6 369 #define PKIX_URI_NAME 7 370 #define PKIX_IP_NAME 8 371 #define PKIX_OID_NAME 9 372 373 /* Key Usages 374 * 375 * These types specify supported Key Usages 376 */ 377 378 #define PKIX_DIGITAL_SIGNATURE 0x001 379 #define PKIX_NON_REPUDIATION 0x002 380 #define PKIX_KEY_ENCIPHERMENT 0x004 381 #define PKIX_DATA_ENCIPHERMENT 0x008 382 #define PKIX_KEY_AGREEMENT 0x010 383 #define PKIX_KEY_CERT_SIGN 0x020 384 #define PKIX_CRL_SIGN 0x040 385 #define PKIX_ENCIPHER_ONLY 0x080 386 #define PKIX_DECIPHER_ONLY 0x100 387 388 /* Reason Flags 389 * 390 * These macros specify supported Reason Flags 391 */ 392 393 #define PKIX_UNUSED 0x001 394 #define PKIX_KEY_COMPROMISE 0x002 395 #define PKIX_CA_COMPROMISE 0x004 396 #define PKIX_AFFILIATION_CHANGED 0x008 397 #define PKIX_SUPERSEDED 0x010 398 #define PKIX_CESSATION_OF_OPERATION 0x020 399 #define PKIX_CERTIFICATE_HOLD 0x040 400 #define PKIX_PRIVILEGE_WITHDRAWN 0x080 401 #define PKIX_AA_COMPROMISE 0x100 402 403 /* Boolean values 404 * 405 * These macros specify the Boolean values of TRUE and FALSE 406 * XXX Is it the case that any non-zero value is actually considered TRUE 407 * and this is just a convenient mnemonic macro? 408 */ 409 410 #define PKIX_TRUE ((PKIX_Boolean) 1) 411 #define PKIX_FALSE ((PKIX_Boolean) 0) 412 413 /* 414 * Define constants for basic constraints selector 415 * (see comments in pkix_certsel.h) 416 */ 417 418 #define PKIX_CERTSEL_ENDENTITY_MIN_PATHLENGTH (-2) 419 #define PKIX_CERTSEL_ALL_MATCH_MIN_PATHLENGTH (-1) 420 421 /* 422 * PKIX_ALLOC_ERROR is a special error object hard-coded into the pkix_error.o 423 * object file. It is thrown if system memory cannot be allocated or may be 424 * thrown for other unrecoverable errors. PKIX_ALLOC_ERROR is immutable. 425 * IncRef, DecRef and all Settor functions cannot be called. 426 * XXX Does anyone actually need to know about this? 427 * XXX Why no DecRef? Would be good to handle it the same. 428 */ 429 430 PKIX_Error* PKIX_ALLOC_ERROR(void); 431 432 /* 433 * In a CertBasicConstraints extension, if the CA flag is set, 434 * indicating the certificate refers to a Certification 435 * Authority, then the pathLen field indicates how many intermediate 436 * certificates (not counting self-signed ones) can exist in a valid 437 * chain following this certificate. If the pathLen has the value 438 * of this constant, then the length of the chain is unlimited 439 */ 440 #define PKIX_UNLIMITED_PATH_CONSTRAINT ((PKIX_Int32) -1) 441 442 /* 443 * Define Certificate Extension hard-coded OID's 444 */ 445 #define PKIX_UNKNOWN_OID SEC_OID_UNKNOWN 446 #define PKIX_CERTKEYUSAGE_OID SEC_OID_X509_KEY_USAGE 447 #define PKIX_CERTSUBJALTNAME_OID SEC_OID_X509_SUBJECT_ALT_NAME 448 #define PKIX_BASICCONSTRAINTS_OID SEC_OID_X509_BASIC_CONSTRAINTS 449 #define PKIX_CRLREASONCODE_OID SEC_OID_X509_REASON_CODE 450 #define PKIX_NAMECONSTRAINTS_OID SEC_OID_X509_NAME_CONSTRAINTS 451 #define PKIX_CERTIFICATEPOLICIES_OID SEC_OID_X509_CERTIFICATE_POLICIES 452 #define PKIX_CERTIFICATEPOLICIES_ANYPOLICY_OID SEC_OID_X509_ANY_POLICY 453 #define PKIX_POLICYMAPPINGS_OID SEC_OID_X509_POLICY_MAPPINGS 454 #define PKIX_POLICYCONSTRAINTS_OID SEC_OID_X509_POLICY_CONSTRAINTS 455 #define PKIX_EXTENDEDKEYUSAGE_OID SEC_OID_X509_EXT_KEY_USAGE 456 #define PKIX_INHIBITANYPOLICY_OID SEC_OID_X509_INHIBIT_ANY_POLICY 457 #define PKIX_NSCERTTYPE_OID SEC_OID_NS_CERT_EXT_CERT_TYPE 458 #define PKIX_KEY_USAGE_SERVER_AUTH_OID SEC_OID_EXT_KEY_USAGE_SERVER_AUTH 459 #define PKIX_KEY_USAGE_CLIENT_AUTH_OID SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH 460 #define PKIX_KEY_USAGE_CODE_SIGN_OID SEC_OID_EXT_KEY_USAGE_CODE_SIGN 461 #define PKIX_KEY_USAGE_EMAIL_PROTECT_OID SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT 462 #define PKIX_KEY_USAGE_TIME_STAMP_OID SEC_OID_EXT_KEY_USAGE_TIME_STAMP 463 #define PKIX_KEY_USAGE_OCSP_RESPONDER_OID SEC_OID_OCSP_RESPONDER 464 465 466 /* Available revocation method types. */ 467 typedef enum PKIX_RevocationMethodTypeEnum { 468 PKIX_RevocationMethod_CRL = 0, 469 PKIX_RevocationMethod_OCSP, 470 PKIX_RevocationMethod_MAX 471 } PKIX_RevocationMethodType; 472 473 /* A set of statuses revocation checker operates on */ 474 typedef enum PKIX_RevocationStatusEnum { 475 PKIX_RevStatus_NoInfo = 0, 476 PKIX_RevStatus_Revoked, 477 PKIX_RevStatus_Success 478 } PKIX_RevocationStatus; 479 480 481 #ifdef __cplusplus 482 } 483 #endif 484 485 #endif /* _PKIXT_H */