RSA BSAFE Cert-C

00001 /*
00002 ** Copyright (c) 2000-2002, RSA Security Inc.
00003 **
00004 ** This file is used to demonstrate how to interface to an RSA
00005 ** Security licensed development product.  You have a
00006 ** royalty-free right to use, modify, reproduce and distribute this
00007 ** demonstration file (including any modified version), provided that
00008 ** you agree that RSA Security has no warranty, implied or
00009 ** otherwise, or liability for this demonstration file or any modified
00010 ** version.
00011 **
00012 */
00013 
00014 #ifndef HEADER_BSAFE_CERTC_OCSP
00015 #define HEADER_BSAFE_CERTC_OCSP 1
00016 
00024 #include "service.h"
00025 #include "transprt.h"
00026 
00027 #ifdef __cplusplus
00028 extern "C" {
00029 #endif
00030 
00078 int S_InitializeOCSP (
00079   CERTC_CTX      ctx,           /* (in)  Cert-C context            */
00080   POINTER        params,        /* (in)  initialization parameters */
00081   SERVICE_FUNCS *funcs,         /* (out) provider functions        */
00082   POINTER       *handle);       /* (out) provider handle           */
00083 
00084 /* Values for REVOKE_OCSP_INIT_STRUCT.profile */
00085 #define  REVOKE_OCSP_PROFILE_GENERIC      0
00086 #define  REVOKE_OCSP_PROFILE_VALICERT     1
00087 #define  REVOKE_OCSP_PROFILE_VERISIGN     2
00088 #define  REVOKE_OCSP_PROFILE_RSAKCA       3
00089 #define _REVOKE_OCSP_PROFILE_MAX        3 /* not needed for application use */
00090 
00158 typedef struct {
00159   int      signatureAlgorithm;                /* alg used to sign requests */
00160   CERT_OBJ cert;                              /* cert for signing requests */
00161   LIST_OBJ extraRequestCerts;  /* any extra certs to send to the responder */
00162 } OCSP_SIGNER;
00163 
00431 typedef struct {
00432   unsigned int    profile;                /* one of REVOKE_OCSP_PROFILE_*            */
00433   unsigned int    flags;                  /* bitfield of OCSP_RESPONDER_FLAG_*       */
00434   TRANSPORT_INFO  transport;              /* responder loc & optional proxy info     */
00435   int             digestAlgorithm;        /* alg used to digest request data         */
00436   OCSP_SIGNER     signer;                 /* request signing info for this responder */
00437   CERT_OBJ        responderCert;          /* cert of this responder                  */
00438   LIST_OBJ        responderCAs;           /* CAs for which this responder is used    */
00439   UINT4           timeTolerance;          /* thisUpdate, nextUpdate comparison tolerance */
00440   EXTENSIONS_OBJ  extraRequestExtensions; /* optional extensions for request         */
00441   char           *dbName;                 /* db for returned-in-band certs           */
00442 } OCSP_RESPONDER;
00443 
00444 #define OCSP_RESPONDER_FLAG_DISABLE_NONCES    0x00000001
00445 #define OCSP_RESPONDER_FLAG_DISABLE_CERT_SEND 0x00000002
00446 #define OCSP_RESPONDER_FLAG_ENABLE_CHAIN_SEND 0x00000004
00447 #define OCSP_RESPONDER_FLAG_APPLY_TOLERANCE   0x00000008
00448 #define OCSP_RESPONDER_FLAG_RESPONDER_NOCHECK 0x00000010
00449 
00477 typedef struct {
00478   unsigned int    numResponders; /* # of structures in array   */
00479   OCSP_RESPONDER *responders;    /* ptr to array of structures */
00480 } REVOKE_OCSP_INIT_STRUCT, *P_REVOKE_OCSP_INIT_STRUCT;
00481 
00482 /* Values for REVOKE_OCSP_SP_INIT_PARAMS.initChoice */
00483 #define  REVOKE_OCSP_INIT_METHOD_STRUCT   0
00484 #define _REVOKE_OCSP_INIT_METHOD_MAX    0     /* not needed for app use */
00485 
00509 typedef struct {
00510   unsigned int initChoice;
00511   union {
00515     REVOKE_OCSP_INIT_STRUCT initStruct;
00516   } method;
00517 } REVOKE_OCSP_INIT_PARAMS, *P_REVOKE_OCSP_INIT_PARAMS;
00518 
00519 #ifdef __cplusplus
00520 }
00521 #endif
00522 
00523 #endif /* HEADER_BSAFE_CERTC_OCSP */
ocsp.h
