1/* 2 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24/* 25 * tpOcspCache.h - local OCSP response cache. 26 */ 27 28#ifndef _TP_OCSP_CACHE_H_ 29#define _TP_OCSP_CACHE_H_ 30 31#include <security_ocspd/ocspResponse.h> 32 33/* max default TTL currently 12 hours */ 34#define TP_OCSP_CACHE_TTL (60.0 * 60.0 * 12.0) 35 36extern "C" { 37 38/* 39 * Lookup locally cached response. Caller must free the returned OCSPSingleResponse. 40 * Never returns a stale entry; we always check the enclosed SingleResponse for 41 * temporal validity. 42 */ 43OCSPSingleResponse *tpOcspCacheLookup( 44 OCSPClientCertID &certID, 45 const CSSM_DATA *localResponderURI); // optional 46 47/* 48 * Add a fully verified OCSP response to cache. 49 */ 50void tpOcspCacheAdd( 51 const CSSM_DATA &ocspResp, // we'll decode it and own the result 52 const CSSM_DATA *localResponderURI); // optional 53 54/* 55 * Delete any entry associated with specified certID from cache. 56 */ 57void tpOcspCacheFlush( 58 OCSPClientCertID &certID); 59 60} 61#endif /* _TP_OCSP_CACHE_H_ */ 62 63