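/*
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * ocspdDb.h - API for OCSP daemon database
 *
 * The declarations below take C++ references, so this header is usable from
 * C++ translation units only; the extern "C" block just fixes the linkage.
 */

#ifndef _OCSPD_DB_H_
#define _OCSPD_DB_H_

#include <Security/cssmtype.h>
#include <Security/SecAsn1Coder.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Look up a cached OCSP response for certID.
 *
 * On a hit, derResp holds a DER-encoded OCSP response, the same bits
 * originally obtained from the net, allocated in the specified
 * SecAsn1CoderRef's memory. A stale entry is never returned; the enclosed
 * SingleResponse is always checked for temporal validity.
 *
 * Just a boolean is returned: the entry was found, or it was not.
 *
 * NOTE(review): ocspdDbCacheAdd() stores responses without verifying them,
 * so a hit says nothing about the response signature or the responder's
 * authority. Presumably the caller verifies the returned response before
 * trusting the certificate status it carries -- confirm against the callers.
 *
 * NOTE(review): derResp lives in the coder's memory, so presumably it must
 * not be used after the coder is released. Its contents on a false return
 * are not specified here; do not read it in that case.
 */
bool ocspdDbCacheLookup(
	SecAsn1CoderRef		coder,
	const CSSM_DATA		&certID,
	const CSSM_DATA		*localResponder,	// optional; if present, must match
											// entry's URI
	CSSM_DATA			&derResp);			// RETURNED

/*
 * Add an OCSP response to the cache.
 *
 * The incoming response is completely unverified; we just verify that we can
 * parse it and that it has at least one SingleResponse which is temporally
 * valid. No signature or responder check is implied by an entry being in
 * the cache.
 *
 * The function returns void, so this API does not report whether the
 * response was actually cached.
 */
void ocspdDbCacheAdd(
	const CSSM_DATA		&ocspResp,			// as it came from the server
	const CSSM_DATA		&URI);				// where it came from

/*
 * Delete any entry associated with the specified certID from the cache.
 */
void ocspdDbCacheFlush(
	const CSSM_DATA		&certID);

/*
 * Flush stale entries from the cache.
 *
 * NOTE(review): "stale" presumably means the same temporal-validity test
 * that ocspdDbCacheLookup() applies -- confirm in the implementation.
 */
void ocspdDbCacheFlushStale();

#ifdef __cplusplus
}
#endif

#endif	/* _OCSPD_DB_H_ */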