#ifndef _SECURITY_SECOCSPRESPONSE_H_
#define _SECURITY_SECOCSPRESPONSE_H_
#include <Security/SecAsn1Coder.h>
#include <CoreFoundation/CFArray.h>
#include <CoreFoundation/CFData.h>
#include <CoreFoundation/CFDate.h>
#include <securityd/SecOCSPRequest.h>
#include <security_asn1/ocspTemplates.h>
#include <Security/SecCertificatePath.h>
#if defined(__cplusplus)
extern "C" {
#endif
typedef enum {
kSecOCSPBad = -2,
kSecOCSPUnknown = -1,
kSecOCSPSuccess = 0,
kSecOCSPMalformedRequest = 1,
kSecOCSPInternalError = 2,
kSecOCSPTryLater = 3,
kSecOCSPUnused = 4,
kSecOCSPSigRequired = 5,
kSecOCSPUnauthorized = 6
} SecOCSPResponseStatus;
enum {
kSecRevocationReasonUnrevoked = -2,
kSecRevocationReasonUndetermined = -1,
kSecRevocationReasonUnspecified = 0,
kSecRevocationReasonKeyCompromise = 1,
kSecRevocationReasonCACompromise = 2,
kSecRevocationReasonAffiliationChanged = 3,
kSecRevocationReasonSuperseded = 4,
kSecRevocationReasonCessationOfOperation = 5,
kSecRevocationReasonCertificateHold = 6,
kSecRevocationReasonRemoveFromCRL = 8,
kSecRevocationReasonPrivilegeWithdrawn = 9,
kSecRevocationReasonAACompromise = 10
};
typedef int32_t SecRevocationReason;
typedef struct __SecOCSPResponse *SecOCSPResponseRef;
struct __SecOCSPResponse {
CFDataRef data;
SecAsn1CoderRef coder;
SecOCSPResponseStatus responseStatus;
CFDataRef nonce;
CFAbsoluteTime producedAt;
CFAbsoluteTime latestNextUpdate;
CFAbsoluteTime expireTime;
CFAbsoluteTime verifyTime;
SecAsn1OCSPBasicResponse basicResponse;
SecAsn1OCSPResponseData responseData;
SecAsn1OCSPResponderIDTag responderIdTag;
SecAsn1OCSPResponderID responderID;
};
typedef struct __SecOCSPSingleResponse *SecOCSPSingleResponseRef;
struct __SecOCSPSingleResponse {
SecAsn1OCSPCertStatusTag certStatus;
CFAbsoluteTime thisUpdate;
CFAbsoluteTime nextUpdate;
CFAbsoluteTime revokedTime;
SecRevocationReason crlReason;
};
SecOCSPResponseRef SecOCSPResponseCreate(CFDataRef ocspResponse,
CFTimeInterval maxAge);
CFDataRef SecOCSPResponseGetData(SecOCSPResponseRef this);
SecOCSPResponseStatus SecOCSPGetResponseStatus(SecOCSPResponseRef ocspResponse);
CFAbsoluteTime SecOCSPResponseGetExpirationTime(SecOCSPResponseRef ocspResponse);
CFDataRef SecOCSPResponseGetNonce(SecOCSPResponseRef ocspResponse);
CFAbsoluteTime SecOCSPResponseProducedAt(SecOCSPResponseRef ocspResponse);
CFAbsoluteTime SecOCSPResponseVerifyTime(SecOCSPResponseRef ocspResponse);
CFArrayRef SecOCSPResponseCopySigners(SecOCSPResponseRef ocspResponse);
void SecOCSPResponseFinalize(SecOCSPResponseRef ocspResponse);
SecOCSPSingleResponseRef SecOCSPResponseCopySingleResponse(
SecOCSPResponseRef ocspResponse, SecOCSPRequestRef request);
void SecOCSPSingleResponseDestroy(SecOCSPSingleResponseRef this);
SecCertificatePathRef SecOCSPResponseCopySigner(SecOCSPResponseRef this,
SecCertificatePathRef issuerPath);
#if defined(__cplusplus)
}
#endif
#endif