security/manager/ssl/tests/unit/tlsserver/lib/OCSPCommon.h

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purposes.

     1 /* This Source Code Form is subject to the terms of the Mozilla Public
     2  * License, v. 2.0. If a copy of the MPL was not distributed with this
     3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
     5 // Implements generating OCSP responses of various types. Used by the
     6 // programs in tlsserver/cmd.
     8 #ifndef OCSPCommon_h
     9 #define OCSPCommon_h
    11 #include "certt.h"
    12 #include "seccomon.h"
    // Kinds of OCSP response that the tlsserver test programs can be asked to
    // generate. Each enumerator names one scenario. Enumerators after ORTNull
    // take consecutive values in declaration order, so inserting or reordering
    // entries changes the numeric value of everything that follows.
    //
    // NOTE(review): this header only describes each scenario; the verdict a
    // client is expected to reach for it is defined by the tests that consume
    // the enum, not here.
    enum OCSPResponseType {
      // Zero value; its meaning is not documented in this header.
      ORTNull = 0,

      // -- Certificate status carried by the response --
      // The certificate is good.
      ORTGood,
      // The certificate has been revoked.
      ORTRevoked,
      // Revoked, and the response itself is old.
      ORTRevokedOld,
      // The responder does not know whether the certificate is good.
      ORTUnknown,
      // Unknown status, and the response itself is old.
      ORTUnknownOld,

      // -- Response that does not match the certificate or its issuer --
      // The response references a different certificate.
      ORTGoodOtherCert,
      // The response was signed by the wrong CA.
      ORTGoodOtherCA,

      // -- Expiry --
      // The signature on the response has expired.
      ORTExpired,
      // The signature is fresh, but the validity period is old.
      ORTExpiredFreshCA,

      // -- Stapling absent or empty --
      // No stapled response at all.
      ORTNone,
      // A stapled response that is empty.
      ORTEmpty,

      // -- Malformed responses and responder-reported errors --
      // The response from the responder was malformed.
      ORTMalformed,
      // The response indicates there was a server error.
      ORTSrverr,
      // The responder replied with "try again later".
      ORTTryLater,
      // The response needs a signature.
      ORTNeedsSig,
      // The responder is not authorized for this certificate.
      ORTUnauthorized,

      // -- Signature and structure of the response --
      // The response carries a signature that does not verify.
      ORTBadSignature,
      // The response does not include responseBytes.
      ORTSkipResponseBytes,

      // -- Extensions --
      // The response includes a critical extension.
      ORTCriticalExtension,
      // The response includes an extension that is not critical.
      ORTNoncriticalExtension,
      // The response includes a SEQUENCE OF Extension that is empty.
      ORTEmptyExtensions,

      // -- Delegated responders --
      // Signed by a delegated responder whose certificate is included.
      ORTDelegatedIncluded,
      // Same, but multiple other certificates are included as well.
      ORTDelegatedIncludedLast,
      // Signed by a delegated responder whose certificate is not included.
      ORTDelegatedMissing,
      // Same, but multiple other certificates are included.
      ORTDelegatedMissingMultiple,

      // -- Long-lived responses close to expiry --
      // A good response that was generated almost a year ago.
      ORTLongValidityAlmostExpired,
      // A good response with a validity of almost two years that is about to
      // expire.
      ORTAncientAlmostExpired,
    };
    // Associates a host name with the kind of OCSP response to generate for it,
    // plus the name of an additional certificate for the scenarios that need one.
    // The string members are raw, non-owning-looking pointers; who owns the
    // storage and how long it must live is not visible from this header.
    // NOTE(review): field order matters to any caller that brace-initializes
    // this struct positionally - confirm before reordering.
    struct OCSPHost
    {
      // Host name this entry applies to.
      // NOTE(review): presumably matched against the name the client asks for - confirm.
      const char *mHostName;
      // Response scenario to generate for this host.
      OCSPResponseType mORT;
      // Name of a second certificate.
      // NOTE(review): presumably unset for response types that need no second
      // certificate - confirm against the users of this struct.
      const char *mAdditionalCertName; // useful for ORTGoodOtherCert, etc.
    };
    // Generates an OCSP response of the requested type for a certificate.
    //
    //   aORT                - which response scenario to produce (see
    //                         OCSPResponseType).
    //   aCert               - the certificate the response is generated for.
    //   aArena              - arena passed to the generator.
    //                         NOTE(review): presumably the returned array is
    //                         allocated from this arena and must not outlive
    //                         it - confirm in the implementation.
    //   aAdditionalCertName - name of an additional certificate, useful for
    //                         ORTGoodOtherCert and similar types.
    //
    // Returns a pointer to a SECItemArray.
    // NOTE(review): how failure is signalled (for example a null return) and
    // what is returned for ORTNone are not visible from this declaration;
    // callers should check the result before using it - confirm.
    SECItemArray *
    GetOCSPResponseForType(OCSPResponseType aORT, CERTCertificate *aCert,
                           PLArenaPool *aArena, const char *aAdditionalCertName);
    57 #endif // OCSPCommon_h
