pam_pkcs11  0.6.10
cert_vfy.h
Go to the documentation of this file.
1 /*
2  * PKCS #11 PAM Login Module
3  * Copyright (C) 2003 Mario Strasser <mast@gmx.net>,
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Lesser General Public License for more details.
14  *
15  * $Id$
16  */
17 
27 #ifndef __CERT_VFY_H_
28 #define __CERT_VFY_H_
29 
30 #include "cert_st.h"
31 
32 typedef enum {
40  CRLP_AUTO
42 
43 typedef enum {
45  OCSP_ON
47 
49  int ca_policy;
52  const char *ca_dir;
53  const char *crl_dir;
54  const char *nss_dir;
56 };
57 
58 #ifndef __CERT_VFY_C
59 #define CERTVFY_EXTERN extern
60 #else
61 #define CERTVFY_EXTERN
62 #endif
63 
70 CERTVFY_EXTERN int verify_certificate(X509 * x509, cert_policy *policy);
71 
81 CERTVFY_EXTERN int verify_signature(X509 * x509, unsigned char *data, int data_length, unsigned char *signature, int signature_length);
82 
83 #undef CERTVFY_EXTERN
84 
85 #endif /* __CERT_VFY_H_ */
verify_certificate
CERTVFY_EXTERN int verify_certificate(X509 *x509, cert_policy *policy)
Verify provided certificate, and if needed, CRL.
CRLP_NONE
@ CRLP_NONE
Do not perform any CRL verification.
Definition: cert_vfy.h:34
cert_policy_st::crl_policy
int crl_policy
Definition: cert_vfy.h:50
ocsp_policy_t
ocsp_policy_t
Definition: cert_vfy.h:43
cert_policy_st::crl_dir
const char * crl_dir
Definition: cert_vfy.h:53
cert_policy_st
Definition: cert_vfy.h:48
cert_policy_st::nss_dir
const char * nss_dir
Definition: cert_vfy.h:54
crl_policy_t
crl_policy_t
Definition: cert_vfy.h:32
CRLP_AUTO
@ CRLP_AUTO
Try CRL check online, else ofline, else fail.
Definition: cert_vfy.h:40
cert_st.h
CRLP_ONLINE
@ CRLP_ONLINE
Retrieve CRL from CA site.
Definition: cert_vfy.h:36
CERTVFY_EXTERN
#define CERTVFY_EXTERN
Definition: cert_vfy.h:59
cert_policy_st::ca_policy
int ca_policy
Definition: cert_vfy.h:49
verify_signature
CERTVFY_EXTERN int verify_signature(X509 *x509, unsigned char *data, int data_length, unsigned char *signature, int signature_length)
Verify signature of provided data.
cert_policy_st::ocsp_policy
int ocsp_policy
Definition: cert_vfy.h:55
OCSP_NONE
@ OCSP_NONE
Definition: cert_vfy.h:44
cert_policy_st::ca_dir
const char * ca_dir
Definition: cert_vfy.h:52
cert_policy_st::signature_policy
int signature_policy
Definition: cert_vfy.h:51
OCSP_ON
@ OCSP_ON
Definition: cert_vfy.h:45
CRLP_OFFLINE
@ CRLP_OFFLINE
Retrieve CRL from local filesystem.
Definition: cert_vfy.h:38