#define AUTH_CERT_H
#include "gnutls_auth.h"
#include <auth/dh_common.h>
-#include "x509/x509_int.h"
-#include "openpgp/openpgp_int.h"
+#include <x509/x509_int.h>
+#include <openpgp/openpgp_int.h>
#include <gnutls/abstract.h>
#include <gnutls/compat.h>
#include <gnutls_str_array.h>
gnutls_datum_t *issuer_name_hash,
gnutls_datum_t *issuer_key_hash,
gnutls_datum_t *serial_number,
- int *cert_status,
+ unsigned int *cert_status,
time_t *this_update,
time_t *next_update,
time_t *revocation_time,
- int *revocation_reason);
+ unsigned int *revocation_reason);
int gnutls_ocsp_resp_get_extension (gnutls_ocsp_resp_t resp,
unsigned indx,
gnutls_datum_t *oid,
int gnutls_ocsp_resp_verify_direct (gnutls_ocsp_resp_t resp,
gnutls_x509_crt_t signercert,
unsigned *verify,
- int flags);
+ unsigned int flags);
int gnutls_ocsp_resp_verify (gnutls_ocsp_resp_t resp,
gnutls_x509_trust_list_t trustlist,
unsigned *verify,
- int flags);
+ unsigned int flags);
+ int gnutls_ocsp_resp_verify_cred (gnutls_ocsp_resp_t resp,
+ gnutls_certificate_credentials_t cred,
+ unsigned *verify,
+ unsigned int flags);
#ifdef __cplusplus
}
#include "verify-high.h"
#include <gnutls/ocsp.h>
+#include <auth/cert.h>
typedef struct gnutls_ocsp_req_int
{
gnutls_datum_t *issuer_name_hash,
gnutls_datum_t *issuer_key_hash,
gnutls_datum_t *serial_number,
- int *cert_status,
+ unsigned int *cert_status,
time_t *this_update,
time_t *next_update,
time_t *revocation_time,
- int *revocation_reason)
+ unsigned int *revocation_reason)
{
gnutls_datum_t sa;
char name[ASN1_MAX_NAME_SIZE];
int
gnutls_ocsp_resp_verify_direct (gnutls_ocsp_resp_t resp,
gnutls_x509_crt_t signercert,
- unsigned *verify,
- int flags)
+ unsigned int *verify,
+ unsigned int flags)
{
gnutls_datum_t sig = { NULL };
gnutls_datum_t data = { NULL };
int
gnutls_ocsp_resp_verify (gnutls_ocsp_resp_t resp,
gnutls_x509_trust_list_t trustlist,
- unsigned *verify,
- int flags)
+ unsigned int *verify,
+ unsigned int flags)
{
gnutls_x509_crt_t signercert = NULL;
int rc;
return rc;
}
+
+/**
+ * gnutls_ocsp_resp_verify_cred:
+ * @resp: should contain a #gnutls_ocsp_resp_t structure
+ * @trustlist: the certificate credentials structure
+ * @verify: output variable with verification status, an #gnutls_ocsp_cert_status_t
+ * @flags: verification flags, 0 for now.
+ *
+ * This function is identical to gnutls_ocsp_resp_verify() but would
+ * use the trusted anchors from the certificate credentials structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ **/
+int
+gnutls_ocsp_resp_verify_cred (gnutls_ocsp_resp_t resp,
+ gnutls_certificate_credentials_t cred,
+ unsigned int*verify,
+ unsigned int flags)
+{
+ return gnutls_ocsp_resp_verify( resp, cred->tlist, verify, flags);
+}