diff options
| author | Michael Brown <mcb30@ipxe.org> | 2012-04-30 01:49:01 +0100 |
|---|---|---|
| committer | Michael Brown <mcb30@ipxe.org> | 2012-05-04 15:15:34 +0100 |
| commit | 601cb3610fff6e295876a3050275ef590da7f7c0 (patch) | |
| tree | 59efa260b8af5d16b1d55fb96b2bd300c4c73d36 /src/include/ipxe/x509.h | |
| parent | f91995f19373b2bba78703310691e1ad68ee1eec (diff) | |
| download | ipxe-601cb3610fff6e295876a3050275ef590da7f7c0.zip ipxe-601cb3610fff6e295876a3050275ef590da7f7c0.tar.gz ipxe-601cb3610fff6e295876a3050275ef590da7f7c0.tar.bz2 | |
[crypto] Parse OCSP responder URI from X.509 certificate
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/include/ipxe/x509.h')
| -rw-r--r-- | src/include/ipxe/x509.h | 38 |
1 files changed, 34 insertions, 4 deletions
diff --git a/src/include/ipxe/x509.h b/src/include/ipxe/x509.h index 09e1800..271ed2e 100644 --- a/src/include/ipxe/x509.h +++ b/src/include/ipxe/x509.h @@ -50,9 +50,9 @@ struct x509_validity { struct x509_time not_after; }; -/** An X.509 name */ -struct x509_name { - /** Name (not NUL-terminated) */ +/** An X.509 string */ +struct x509_string { + /** String (not NUL-terminated) */ const void *data; /** Length of name */ size_t len; @@ -71,7 +71,7 @@ struct x509_subject { /** Raw subject */ struct asn1_cursor raw; /** Common name */ - struct x509_name name; + struct x509_string name; /** Public key information */ struct x509_public_key public_key; }; @@ -128,6 +128,18 @@ enum x509_extended_key_usage_bits { X509_CODE_SIGNING = 0x0001, }; +/** X.509 certificate OCSP responder */ +struct x509_ocsp_responder { + /** URI */ + struct x509_string uri; +}; + +/** X.509 certificate authority information access */ +struct x509_authority_info_access { + /** OCSP responder */ + struct x509_ocsp_responder ocsp; +}; + /** An X.509 certificate extensions set */ struct x509_extensions { /** Basic constraints */ @@ -136,6 +148,8 @@ struct x509_extensions { struct x509_key_usage usage; /** Extended key usage */ struct x509_extended_key_usage ext_usage; + /** Authority information access */ + struct x509_authority_info_access auth_info; }; /** An X.509 certificate */ @@ -188,6 +202,22 @@ struct x509_key_purpose { unsigned int bits; }; +/** An X.509 access method */ +struct x509_access_method { + /** Name */ + const char *name; + /** Object identifier */ + struct asn1_cursor oid; + /** Parse access method + * + * @v cert X.509 certificate + * @v raw ASN.1 cursor + * @ret rc Return status code + */ + int ( * parse ) ( struct x509_certificate *cert, + const struct asn1_cursor *raw ); +}; + /** An X.509 root certificate store */ struct x509_root { /** Fingerprint digest algorithm */ |