The Tor Browser / file comparison
comparison: security/manager/ssl/tests/unit/tlsserver/lib/OCSPCommon.h
security/manager/ssl/tests/unit/tlsserver/lib/OCSPCommon.h
- branch
- TOR_BUG_3246
- changeset 6
- 8bccb770b82d
equal
deleted
inserted
replaced
| -1:000000000000 | 0:8afd50ae479b |
|---|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 4 | |
| 5 // Implements generating OCSP responses of various types. Used by the | |
| 6 // programs in tlsserver/cmd. | |
| 7 | |
| 8 #ifndef OCSPCommon_h | |
| 9 #define OCSPCommon_h | |
| 10 | |
| 11 #include "certt.h" | |
| 12 #include "seccomon.h" | |
| 13 | |
| 14 enum OCSPResponseType | |
| 15 { | |
| 16 ORTNull = 0, | |
| 17 ORTGood, // the certificate is good | |
| 18 ORTRevoked, // the certificate has been revoked | |
| 19 ORTRevokedOld, // same, but the response is old | |
| 20 ORTUnknown, // the responder doesn't know if the cert is good | |
| 21 ORTUnknownOld, // same, but the response is old | |
| 22 ORTGoodOtherCert, // the response references a different certificate | |
| 23 ORTGoodOtherCA, // the wrong CA has signed the response | |
| 24 ORTExpired, // the signature on the response has expired | |
| 25 ORTExpiredFreshCA, // fresh signature, but old validity period | |
| 26 ORTNone, // no stapled response | |
| 27 ORTEmpty, // an empty stapled response | |
| 28 ORTMalformed, // the response from the responder was malformed | |
| 29 ORTSrverr, // the response indicates there was a server error | |
| 30 ORTTryLater, // the responder replied with "try again later" | |
| 31 ORTNeedsSig, // the response needs a signature | |
| 32 ORTUnauthorized, // the responder is not authorized for this certificate | |
| 33 ORTBadSignature, // the response has a signature that does not verify | |
| 34 ORTSkipResponseBytes, // the response does not include responseBytes | |
| 35 ORTCriticalExtension, // the response includes a critical extension | |
| 36 ORTNoncriticalExtension, // the response includes an extension that is not critical | |
| 37 ORTEmptyExtensions, // the response includes a SEQUENCE OF Extension that is empty | |
| 38 ORTDelegatedIncluded, // the response is signed by an included delegated responder | |
| 39 ORTDelegatedIncludedLast, // same, but multiple other certificates are included | |
| 40 ORTDelegatedMissing, // the response is signed by a not included delegated responder | |
| 41 ORTDelegatedMissingMultiple, // same, but multiple other certificates are included | |
| 42 ORTLongValidityAlmostExpired, // a good response, but that was generated a almost a year ago | |
| 43 ORTAncientAlmostExpired, // a good response, with a validity of almost two years almost expiring | |
| 44 }; | |
| 45 | |
| 46 struct OCSPHost | |
| 47 { | |
| 48 const char *mHostName; | |
| 49 OCSPResponseType mORT; | |
| 50 const char *mAdditionalCertName; // useful for ORTGoodOtherCert, etc. | |
| 51 }; | |
| 52 | |
| 53 SECItemArray * | |
| 54 GetOCSPResponseForType(OCSPResponseType aORT, CERTCertificate *aCert, | |
| 55 PLArenaPool *aArena, const char *aAdditionalCertName); | |
| 56 | |
| 57 #endif // OCSPCommon_h |
