michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0:  * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0:  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0: /*
michael@0:  * This file defines functions associated with the PKIX_CertStore type.
michael@0:  *
michael@0:  */
michael@0:
michael@0: #ifndef _PKIX_CERTSTORE_H
michael@0: #define _PKIX_CERTSTORE_H
michael@0:
michael@0: #include "pkixt.h"
michael@0:
michael@0: #ifdef __cplusplus
michael@0: extern "C" {
michael@0: #endif
michael@0:
michael@0: /* General
michael@0:  *
michael@0:  * Please refer to the libpkix Programmer's Guide for detailed information
michael@0:  * about how to use the libpkix library. Certain key warnings and notices from
michael@0:  * that document are repeated here for emphasis.
michael@0:  *
michael@0:  * All identifiers in this file (and all public identifiers defined in
michael@0:  * libpkix) begin with "PKIX_". Private identifiers only intended for use
michael@0:  * within the library begin with "pkix_".
michael@0:  *
michael@0:  * A function returns NULL upon success, and a PKIX_Error pointer upon failure.
michael@0:  *
michael@0:  * Unless otherwise noted, for all accessor (gettor) functions that return a
michael@0:  * PKIX_PL_Object pointer, callers should assume that this pointer refers to a
michael@0:  * shared object. Therefore, the caller should treat this shared object as
michael@0:  * read-only and should not modify this shared object. When done using the
michael@0:  * shared object, the caller should release the reference to the object by
michael@0:  * using the PKIX_PL_Object_DecRef function.
michael@0:  *
michael@0:  * While a function is executing, if its arguments (or anything referred to by
michael@0:  * its arguments) are modified, free'd, or destroyed, the function's behavior
michael@0:  * is undefined.
michael@0:  *
michael@0:  */
michael@0:
michael@0: /* PKIX_CertStore
michael@0:  *
michael@0:  * A PKIX_CertStore provides a standard way for the caller to retrieve
michael@0:  * certificates and CRLs from a particular repository (or "store") of
michael@0:  * certificates and CRLs, including LDAP directories, flat files, local
michael@0:  * databases, etc. The CertCallback allows custom certificate retrieval logic
michael@0:  * to be used while the CRLCallback allows custom CRL retrieval logic to be
michael@0:  * used. Additionally, a CertStore can be initialized with a certStoreContext,
michael@0:  * which is where the caller can specify configuration data such as the host
michael@0:  * name of an LDAP server. Note that this certStoreContext must be an
michael@0:  * Object (although any object type), allowing it to be reference-counted and
michael@0:  * allowing it to provide the standard Object functions (Equals, Hashcode,
michael@0:  * ToString, Compare, Duplicate). Please note that each certStoreContext must
michael@0:  * provide Equals and Hashcode functions in order for the caching (on Cert and
michael@0:  * CertChain) to work correctly. When providing those two functions, it is not
michael@0:  * required that all the components of the object be hashed or checked for
michael@0:  * equality, but merely that the functions distinguish between unique
michael@0:  * instances of the certStoreContext.
michael@0:  * NOTE(review): presumably two distinct certStoreContexts that compare equal
michael@0:  * would be treated as the same store by that caching -- confirm against the
michael@0:  * cache implementation before reusing Equals/Hashcode across stores.
michael@0:  *
michael@0:  * Once the caller has created the CertStore object, the caller then specifies
michael@0:  * these CertStore objects in a ProcessingParams object and passes that object
michael@0:  * to PKIX_ValidateChain or PKIX_BuildChain, which uses the objects to call the
michael@0:  * user's callback functions as needed during the validation or building
michael@0:  * process.
michael@0:  *
michael@0:  * The order of CertStores stored (as a list) at ProcessingParams determines
michael@0:  * the order in which certificates are retrieved. Trusted CertStores should
michael@0:  * precede non-trusted ones on the list of CertStores so their certificates
michael@0:  * are evaluated ahead of other certificates selected on the basis of the same
michael@0:  * selector criteria.
michael@0:  *
michael@0:  * The CheckTrustCallback function is used when the CertStore object
michael@0:  * supports trust status, which means a Cert's trust status can be altered
michael@0:  * dynamically. When a CertStore object is created, if the
michael@0:  * CheckTrustCallback is initialized to be non-NULL, this CertStore is
michael@0:  * defaulted as supporting trust. Then whenever a Cert needs to (re)check its
michael@0:  * trust status, this callback can be invoked. When a Cert is retrieved by
michael@0:  * a CertStore that supports trust, at its GetCertCallback, the CertStore
michael@0:  * information should be updated in Cert's data structure so the link between
michael@0:  * the Cert and CertStore exists.
michael@0:  *
michael@0:  */
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_CertCallback
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  This callback function retrieves from the CertStore pointed to by "store"
michael@0:  *  all the certificates that match the CertSelector pointed to by "selector".
michael@0:  *  It places these certificates in a List and stores a pointer to the List at
michael@0:  *  "pCerts". If no certificates are found which match the CertSelector's
michael@0:  *  criteria, this function stores an empty List at "pCerts". In either case, if
michael@0:  *  the operation is completed, NULL is stored at "pNBIOContext".
michael@0:  *
michael@0:  *  A CertStore which uses non-blocking I/O may store platform-dependent
michael@0:  *  information at "pNBIOContext" and NULL at "pCerts" to indicate that I/O is
michael@0:  *  pending. A subsequent call to PKIX_CertStore_CertContinue is required to
michael@0:  *  finish the operation and to obtain the List of Certs. Callers therefore
michael@0:  *  need to check "pNBIOContext" before dereferencing "pCerts".
michael@0:  *
michael@0:  *  Note that the List returned by this function is immutable.
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      Address of CertStore from which Certs are to be retrieved.
michael@0:  *      Must be non-NULL.
michael@0:  *  "selector"
michael@0:  *      Address of CertSelector whose criteria must be satisfied.
michael@0:  *      Must be non-NULL.
michael@0:  *  "verifyNode"
michael@0:  *      Parent log node for tracking of filtered out certs.
michael@0:  *  "pNBIOContext"
michael@0:  *      Address at which platform-dependent information is stored if the
michael@0:  *      operation is suspended for non-blocking I/O. Must be non-NULL.
michael@0:  *  "pCerts"
michael@0:  *      Address where object pointer will be stored. Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe
michael@0:  *
michael@0:  *  Multiple threads must be able to safely call this function without
michael@0:  *  worrying about conflicts, even if they're operating on the same object.
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a CertStore Error if the function fails in a non-fatal way.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: typedef PKIX_Error *
michael@0: (*PKIX_CertStore_CertCallback)(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CertSelector *selector,
michael@0:         PKIX_VerifyNode *verifyNode,
michael@0:         void **pNBIOContext,
michael@0:         PKIX_List **pCerts,  /* list of PKIX_PL_Cert */
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_CertContinue
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  This function continues the non-blocking operation initiated by an earlier
michael@0:  *  call to the CertCallback function, for the CertStore pointed to by "store".
michael@0:  *  If an earlier call did not terminate with the WOULDBLOCK indication (non-NULL
michael@0:  *  value returned in "pNBIOContext") calling this function will return a fatal
michael@0:  *  error. If the operation is completed the certificates found are placed in a
michael@0:  *  List, a pointer to which is stored at "pCerts". If no certificates are found
michael@0:  *  which match the CertSelector's criteria, this function stores an empty List
michael@0:  *  at "pCerts". In either case, if the operation is completed, NULL is stored
michael@0:  *  at "pNBIOContext".
michael@0:  *
michael@0:  *  If non-blocking I/O is still pending this function stores platform-dependent
michael@0:  *  information at "pNBIOContext" and NULL at "pCerts". A subsequent call to
michael@0:  *  PKIX_CertStore_CertContinue is required to finish the operation and to
michael@0:  *  obtain the List of Certs.
michael@0:  *
michael@0:  *  Note that the List returned by this function is immutable.
michael@0:  *
michael@0:  *  The PKIX_CertStore_CertContinueFunction type declared after this function
michael@0:  *  has the same signature; it is the type of the "certContinue" argument of
michael@0:  *  PKIX_CertStore_Create.
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      Address of CertStore from which Certs are to be retrieved.
michael@0:  *      Must be non-NULL.
michael@0:  *  "selector"
michael@0:  *      Address of CertSelector whose criteria must be satisfied.
michael@0:  *      Must be non-NULL.
michael@0:  *  "verifyNode"
michael@0:  *      Parent log node for tracking of filtered out certs.
michael@0:  *  "pNBIOContext"
michael@0:  *      Address at which platform-dependent information is stored if the
michael@0:  *      operation is suspended for non-blocking I/O. Must be non-NULL.
michael@0:  *  "pCerts"
michael@0:  *      Address where object pointer will be stored. Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe
michael@0:  *
michael@0:  *  Multiple threads must be able to safely call this function without
michael@0:  *  worrying about conflicts, even if they're operating on the same object.
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a CertStore Error if the function fails in a non-fatal way.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_CertContinue(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CertSelector *selector,
michael@0:         PKIX_VerifyNode *verifyNode,
michael@0:         void **pNBIOContext,
michael@0:         PKIX_List **pCerts,  /* list of PKIX_PL_Cert */
michael@0:         void *plContext);
michael@0:
michael@0: typedef PKIX_Error *
michael@0: (*PKIX_CertStore_CertContinueFunction)(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CertSelector *selector,
michael@0:         PKIX_VerifyNode *verifyNode,
michael@0:         void **pNBIOContext,
michael@0:         PKIX_List **pCerts,  /* list of PKIX_PL_Cert */
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_CRLCallback
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  This callback function retrieves from the CertStore pointed to by "store"
michael@0:  *  all the CRLs that match the CRLSelector pointed to by "selector". It
michael@0:  *  places these CRLs in a List and stores a pointer to the List at "pCrls".
michael@0:  *  If no CRLs are found which match the CRLSelector's criteria, this function
michael@0:  *  stores an empty List at "pCrls". In either case, if the operation is
michael@0:  *  completed, NULL is stored at "pNBIOContext".
michael@0:  *
michael@0:  *  A CertStore which uses non-blocking I/O may store platform-dependent
michael@0:  *  information at "pNBIOContext" and NULL at "pCrls" to indicate that I/O is
michael@0:  *  pending. A subsequent call to PKIX_CertStore_CrlContinue is required to
michael@0:  *  finish the operation and to obtain the List of Crls. Callers therefore
michael@0:  *  need to check "pNBIOContext" before dereferencing "pCrls".
michael@0:  *
michael@0:  *  Note that the List returned by this function is immutable.
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      Address of CertStore from which CRLs are to be retrieved.
michael@0:  *      Must be non-NULL.
michael@0:  *  "selector"
michael@0:  *      Address of CRLSelector whose criteria must be satisfied.
michael@0:  *      Must be non-NULL.
michael@0:  *  "pNBIOContext"
michael@0:  *      Address at which platform-dependent information is stored if the
michael@0:  *      operation is suspended for non-blocking I/O (NULL is stored there
michael@0:  *      when the operation is completed).
michael@0:  *      NOTE(review): presumably must be non-NULL, as for the CertCallback --
michael@0:  *      confirm.
michael@0:  *  "pCrls"
michael@0:  *      Address where object pointer will be stored. Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe
michael@0:  *
michael@0:  *  Multiple threads must be able to safely call this function without
michael@0:  *  worrying about conflicts, even if they're operating on the same object.
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a CertStore Error if the function fails in a non-fatal way.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: typedef PKIX_Error *
michael@0: (*PKIX_CertStore_CRLCallback)(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CRLSelector *selector,
michael@0:         void **pNBIOContext,
michael@0:         PKIX_List **pCrls,  /* list of PKIX_PL_CRL */
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_ImportCrlCallback
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  This callback function imports the List of CRLs pointed to by "crlList"
michael@0:  *  into the CertStore pointed to by "store". Stores that have local cache
michael@0:  *  may only have that function defined.
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      Address of CertStore into which the CRLs are to be imported.
michael@0:  *      Must be non-NULL.
michael@0:  *  "issuerName"
michael@0:  *      Name of the issuer that will be used to track bad DER CRLs.
michael@0:  *  "crlList"
michael@0:  *      Address of the List of CRLs to be imported.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe
michael@0:  *
michael@0:  *  Multiple threads must be able to safely call this function without
michael@0:  *  worrying about conflicts, even if they're operating on the same object.
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a CertStore Error if the function fails in a non-fatal way.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: typedef PKIX_Error *
michael@0: (*PKIX_CertStore_ImportCrlCallback)(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_PL_X500Name *issuerName,
michael@0:         PKIX_List *crlList,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_CheckRevokationByCrlCallback
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  This callback function checks the revocation status of a cert with the
michael@0:  *  specified issuer and date. It returns the revocation status of the cert
michael@0:  *  and, if the cert was revoked, a reason code (if any).
michael@0:  *
michael@0:  *  NOTE(review): the values left at "reasonCode" and "revStatus" when an
michael@0:  *  error is returned are not specified here; callers should check the
michael@0:  *  returned PKIX_Error before relying on either output.
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      Address of CertStore from which CRLs are to be retrieved.
michael@0:  *      Must be non-NULL.
michael@0:  *  "cert"
michael@0:  *      Certificate whose revocation status will be checked.
michael@0:  *  "issuer"
michael@0:  *      Issuer certificate of the "crl".
michael@0:  *      NOTE(review): the description speaks of the issuer of "cert" --
michael@0:  *      confirm which certificate is expected here.
michael@0:  *  "date"
michael@0:  *      Date of the revocation check.
michael@0:  *  "crlDownloadDone"
michael@0:  *      Indicates that all needed crl downloads are done by the time of
michael@0:  *      the revocation check.
michael@0:  *  "reasonCode"
michael@0:  *      If cert is revoked, returned reason code for which the cert was
michael@0:  *      revoked.
michael@0:  *  "revStatus"
michael@0:  *      Returned revocation status of the cert. See PKIX_RevocationStatus
michael@0:  *      for more details.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe
michael@0:  *
michael@0:  *  Multiple threads must be able to safely call this function without
michael@0:  *  worrying about conflicts, even if they're operating on the same object.
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a CertStore Error if the function fails in a non-fatal way.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: typedef PKIX_Error *
michael@0: (*PKIX_CertStore_CheckRevokationByCrlCallback)(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_PL_Cert *cert,
michael@0:         PKIX_PL_Cert *issuer,
michael@0:         PKIX_PL_Date *date,
michael@0:         PKIX_Boolean crlDownloadDone,
michael@0:         PKIX_UInt32 *reasonCode,
michael@0:         PKIX_RevocationStatus *revStatus,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_CrlContinue
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  This function continues the non-blocking operation initiated by an earlier
michael@0:  *  call to the CRLCallback function, for the CertStore pointed to by "store".
michael@0:  *  If an earlier call did not terminate with the WOULDBLOCK indication (non-NULL
michael@0:  *  value returned in "pNBIOContext") calling this function will return a fatal
michael@0:  *  error. If the operation is completed the crls found are placed in a List, a
michael@0:  *  pointer to which is stored at "pCrls". If no crls are found which match the
michael@0:  *  CRLSelector's criteria, this function stores an empty List at "pCrls". In
michael@0:  *  either case, if the operation is completed, NULL is stored at "pNBIOContext".
michael@0:  *
michael@0:  *  If non-blocking I/O is still pending this function stores platform-dependent
michael@0:  *  information at "pNBIOContext" and NULL at "pCrls". A subsequent call to
michael@0:  *  PKIX_CertStore_CrlContinue is required to finish the operation and to
michael@0:  *  obtain the List of Crls.
michael@0:  *
michael@0:  *  Note that the List returned by this function is immutable.
michael@0:  *
michael@0:  *  The PKIX_CertStore_CrlContinueFunction type declared after this function
michael@0:  *  has the same signature; it is the type of the "crlContinue" argument of
michael@0:  *  PKIX_CertStore_Create.
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      Address of CertStore from which Crls are to be retrieved.
michael@0:  *      Must be non-NULL.
michael@0:  *  "selector"
michael@0:  *      Address of CRLSelector whose criteria must be satisfied.
michael@0:  *      Must be non-NULL.
michael@0:  *  "pNBIOContext"
michael@0:  *      Address at which platform-dependent information is stored if the
michael@0:  *      operation is suspended for non-blocking I/O. Must be non-NULL.
michael@0:  *  "pCrls"
michael@0:  *      Address where object pointer will be stored. Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe
michael@0:  *
michael@0:  *  Multiple threads must be able to safely call this function without
michael@0:  *  worrying about conflicts, even if they're operating on the same object.
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a CertStore Error if the function fails in a non-fatal way.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_CrlContinue(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CRLSelector *selector,
michael@0:         void **pNBIOContext,
michael@0:         PKIX_List **pCrls,  /* list of PKIX_PL_CRL */
michael@0:         void *plContext);
michael@0:
michael@0: typedef PKIX_Error *
michael@0: (*PKIX_CertStore_CrlContinueFunction)(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CRLSelector *selector,
michael@0:         void **pNBIOContext,
michael@0:         PKIX_List **pCrls,  /* list of PKIX_PL_CRL */
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_CheckTrustCallback
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  This callback function rechecks "cert's" trust status from the CertStore
michael@0:  *  pointed to by "store".
michael@0:  *
michael@0:  *  NOTE(review): the value left at "pTrusted" when an error is returned is
michael@0:  *  not specified here; callers should check the returned PKIX_Error before
michael@0:  *  treating "cert" as trusted.
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      Address of CertStore from which Certs are to be checked.
michael@0:  *      Must be non-NULL.
michael@0:  *  "cert"
michael@0:  *      Address of Cert whose trust status needs to be rechecked.
michael@0:  *      Must be non-NULL.
michael@0:  *  "pTrusted"
michael@0:  *      Address of PKIX_Boolean where the trust status is returned.
michael@0:  *      Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe
michael@0:  *
michael@0:  *  Multiple threads must be able to safely call this function without
michael@0:  *  worrying about conflicts, even if they're operating on the same object.
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a CertStore Error if the function fails in a non-fatal way.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: typedef PKIX_Error *
michael@0: (*PKIX_CertStore_CheckTrustCallback)(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_PL_Cert *cert,
michael@0:         PKIX_Boolean *pTrusted,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_Create
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  Creates a new CertStore and stores it at "pStore". The new CertStore uses
michael@0:  *  the CertCallback pointed to by "certCallback" and the CRLCallback pointed
michael@0:  *  to by "crlCallback" as its callback functions and uses the Object pointed
michael@0:  *  to by "certStoreContext" as its context. Note that this certStoreContext
michael@0:  *  must be an Object (although any object type), allowing it to be
michael@0:  *  reference-counted and allowing it to provide the standard Object functions
michael@0:  *  (Equals, Hashcode, ToString, Compare, Duplicate). Once created, a
michael@0:  *  CertStore object is immutable, although the underlying repository can
michael@0:  *  change. For example, a CertStore will often be a front-end for a database
michael@0:  *  or directory. The contents of that directory can change after the
michael@0:  *  CertStore object is created, but the CertStore object remains immutable.
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "certCallback"
michael@0:  *      The CertCallback function to be used. Must be non-NULL.
michael@0:  *  "crlCallback"
michael@0:  *      The CRLCallback function to be used. Must be non-NULL.
michael@0:  *  "certContinue"
michael@0:  *      The function to be used to resume a certCallback that returned with a
michael@0:  *      WOULDBLOCK condition. Must be non-NULL if certStore supports non-blocking
michael@0:  *      I/O.
michael@0:  *  "crlContinue"
michael@0:  *      The function to be used to resume a crlCallback that returned with a
michael@0:  *      WOULDBLOCK condition. Must be non-NULL if certStore supports non-blocking
michael@0:  *      I/O.
michael@0:  *  "trustCallback"
michael@0:  *      Address of PKIX_CertStore_CheckTrustCallback which is called to
michael@0:  *      verify the trust status of Certs in this CertStore. As described in
michael@0:  *      the PKIX_CertStore overview in this file, a non-NULL value makes this
michael@0:  *      CertStore default to supporting trust.
michael@0:  *      NOTE(review): a store that is not meant to act as a source of trust
michael@0:  *      presumably should pass NULL here -- confirm.
michael@0:  *  "importCrlCallback"
michael@0:  *      The PKIX_CertStore_ImportCrlCallback function to be used to import a
michael@0:  *      List of CRLs into this CertStore.
michael@0:  *      NOTE(review): whether NULL is accepted is not stated here -- confirm.
michael@0:  *  "checkRevByCrlCallback"
michael@0:  *      The PKIX_CertStore_CheckRevokationByCrlCallback function to be used
michael@0:  *      to check the revocation status of a Cert by CRL.
michael@0:  *      NOTE(review): whether NULL is accepted is not stated here -- confirm.
michael@0:  *  "certStoreContext"
michael@0:  *      Address of Object representing the CertStore's context (if any).
michael@0:  *  "cachedFlag"
michael@0:  *      If TRUE indicates data retrieved from CertStore should be cached.
michael@0:  *  "localFlag"
michael@0:  *      Boolean value indicating whether this CertStore is local.
michael@0:  *  "pStore"
michael@0:  *      Address where object pointer will be stored. Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a CertStore Error if the function fails in a non-fatal way.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_Create(
michael@0:         PKIX_CertStore_CertCallback certCallback,
michael@0:         PKIX_CertStore_CRLCallback crlCallback,
michael@0:         PKIX_CertStore_CertContinueFunction certContinue,
michael@0:         PKIX_CertStore_CrlContinueFunction crlContinue,
michael@0:         PKIX_CertStore_CheckTrustCallback trustCallback,
michael@0:         PKIX_CertStore_ImportCrlCallback importCrlCallback,
michael@0:         PKIX_CertStore_CheckRevokationByCrlCallback checkRevByCrlCallback,
michael@0:         PKIX_PL_Object *certStoreContext,
michael@0:         PKIX_Boolean cachedFlag,
michael@0:         PKIX_Boolean localFlag,
michael@0:         PKIX_CertStore **pStore,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_GetCertCallback
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  Retrieves a pointer to "store's" Cert callback function and puts it in
michael@0:  *  "pCallback".
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      The CertStore whose Cert callback is desired. Must be non-NULL.
michael@0:  *  "pCallback"
michael@0:  *      Address where Cert callback function pointer will be stored.
michael@0:  *      Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_GetCertCallback(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CertStore_CertCallback *pCallback,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_GetCRLCallback
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  Retrieves a pointer to "store's" CRL callback function and puts it in
michael@0:  *  "pCallback".
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      The CertStore whose CRL callback is desired. Must be non-NULL.
michael@0:  *  "pCallback"
michael@0:  *      Address where CRL callback function pointer will be stored.
michael@0:  *      Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_GetCRLCallback(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CertStore_CRLCallback *pCallback,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_GetImportCrlCallback
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  Retrieves a pointer to "store's" Import CRL callback function and puts it
michael@0:  *  in "pCallback".
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      The CertStore whose Import CRL callback is desired. Must be non-NULL.
michael@0:  *  "pCallback"
michael@0:  *      Address where Import CRL callback function pointer will be stored.
michael@0:  *      Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_GetImportCrlCallback(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CertStore_ImportCrlCallback *pCallback,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_GetCrlCheckerFn
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  Retrieves a pointer to "store's" CRL revocation checker callback function
michael@0:  *  and puts it in "pCallback".
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      The CertStore whose CRL revocation checker callback is desired.
michael@0:  *      Must be non-NULL.
michael@0:  *  "pCallback"
michael@0:  *      Address where CRL revocation checker callback function pointer will
michael@0:  *      be stored. Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_GetCrlCheckerFn(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CertStore_CheckRevokationByCrlCallback *pCallback,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_GetTrustCallback
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  Retrieves the function pointer to the CheckTrust callback function of the
michael@0:  *  CertStore pointed to by "store" and stores it at "pCallback".
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      The CertStore whose CheckTrust callback is desired. Must be non-NULL.
michael@0:  *  "pCallback"
michael@0:  *      Address where CheckTrust callback function pointer will be stored.
michael@0:  *      Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_GetTrustCallback(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_CertStore_CheckTrustCallback *pCallback,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_GetCertStoreContext
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  Retrieves a pointer to the Object representing the context (if any)
michael@0:  *  of the CertStore pointed to by "store" and stores it at
michael@0:  *  "pCertStoreContext".
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      Address of CertStore whose context is to be stored. Must be non-NULL.
michael@0:  *  "pCertStoreContext"
michael@0:  *      Address where object pointer will be stored. Must be non-NULL.
michael@0:  *      Per the General notes in this file, the returned Object should be
michael@0:  *      treated as shared and read-only, and released with
michael@0:  *      PKIX_PL_Object_DecRef when no longer needed.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_GetCertStoreContext(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_PL_Object **pCertStoreContext,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_GetCertStoreCacheFlag
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  Retrieves the Boolean cache flag of the CertStore pointed to by "store" and
michael@0:  *  stores it at "pCacheFlag".
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      Address of CertStore whose cache flag is to be stored. Must be non-NULL.
michael@0:  *  "pCacheFlag"
michael@0:  *      Address where the result will be stored. Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_GetCertStoreCacheFlag(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_Boolean *pCacheFlag,
michael@0:         void *plContext);
michael@0:
michael@0: /*
michael@0:  * FUNCTION: PKIX_CertStore_GetLocalFlag
michael@0:  * DESCRIPTION:
michael@0:  *
michael@0:  *  Retrieves the Boolean localFlag for the CertStore pointed to by "store" and
michael@0:  *  stores it at "pLocalFlag". The localFlag is TRUE if the CertStore can
michael@0:  *  fulfill a request without performing network I/O.
michael@0:  *
michael@0:  * PARAMETERS:
michael@0:  *  "store"
michael@0:  *      The CertStore whose Local flag is desired. Must be non-NULL.
michael@0:  *  "pLocalFlag"
michael@0:  *      Address where the Boolean LocalFlag will be stored. Must be non-NULL.
michael@0:  *  "plContext"
michael@0:  *      Platform-specific context pointer.
michael@0:  * THREAD SAFETY:
michael@0:  *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
michael@0:  * RETURNS:
michael@0:  *  Returns NULL if the function succeeds.
michael@0:  *  Returns a Fatal Error if the function fails in an unrecoverable way.
michael@0:  */
michael@0: PKIX_Error *
michael@0: PKIX_CertStore_GetLocalFlag(
michael@0:         PKIX_CertStore *store,
michael@0:         PKIX_Boolean *pLocalFlag,
michael@0:         void *plContext);
michael@0:
michael@0: #ifdef __cplusplus
michael@0: }
michael@0: #endif
michael@0:
michael@0: #endif /* _PKIX_CERTSTORE_H */