|
1 // Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // ocsp.h |
|
15 // Header specifying client interface to the OCSP module. |
|
16 // |
|
17 // |
|
18 |
|
19 #ifndef __OCSP_H__ |
|
20 #define __OCSP_H__ |
|
21 |
|
22 /** |
|
23 * @file |
|
24 * @publishedPartner |
|
25 * @released |
|
26 */ |
|
27 |
|
28 #include <e32base.h> |
|
29 #include <signed.h> |
|
30 #include <f32file.h> |
|
31 #include <hash.h> |
|
32 #include <x500dn.h> |
|
33 #include <x509cert.h> |
|
34 #include <ct/rmpointerarray.h> |
|
35 #include <cctcertinfo.h> |
|
36 #include <asn1enc.h> |
|
37 #include <asn1dec.h> |
|
38 |
|
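// Enums shared by OCSP clients; all of them live in the OCSP namespace.
namespace OCSP
    {
    // Globally-reserved error codes - range is -7601 to -7649.
    // The values are part of the published interface and must not be renumbered.
    enum
        {
        KErrTransportFailure = -7601,
        KErrInvalidURI = -7602,
        KErrNoCertificates = -7603,
        KErrTransportTimeout = -7604,
        KErrServerNotFound = -7605
        };

    /**
     * What we think of the response, or why we haven't got one.
     *
     * Going by the comments in this header, only EValid and EMissingNonce
     * describe a response that is usable at all. Callers making a trust
     * decision should treat every other value as "revocation state not
     * established" and must not read it as an implicit "good".
     */
    enum TStatus
        {
        // Error in communication with server
        ETransportError = 1,

        // Internal problem processing response
        EClientInternalError = 2,

        // No OCSP server specified
        ENoServerSpecified = 3,

        // Invalid server URI
        EInvalidURI = 4,

        // Timeout error
        ETimeOut = 5,

        // Problems understanding the response
        EMalformedResponse = 10,
        EUnknownResponseType = 11,
        EUnknownCriticalExtension = 12,

        // Unsuccessful responses from server.
        // NOTE(review): the names appear to mirror the OCSPResponseStatus
        // values of the OCSP RFC; the numbers here are local to this API and
        // are not the wire values.
        EMalformedRequest = 20,
        EServerInternalError = 21,
        ETryLater = 22,
        ESignatureRequired = 23,
        EClientUnauthorised = 24,

        // Response validation failures
        EMissingCertificates = 30,
        EResponseSignatureValidationFailure = 31,

        // Time problems.
        // NOTE(review): the exact tolerances are not defined in this header;
        // presumably these depend on the device clock - confirm against the
        // validator before relying on them.
        EThisUpdateTooLate = 40,
        EThisUpdateTooEarly = 41,
        ENonextUpdatePlaceholderDoNotUse_ = 0 ? 0 : 0, // (removed below)
        ENextUpdateTooEarly = 42,
        ECertificateNotValidAtValidationTime = 43,

        // Nonce error
        ENonceMismatch = 50,

        // Response sufficiently valid to use - clients to decide if
        // missing nonce is sufficiently serious to require rejection.
        // Without a nonce the response is not bound to this request, so its
        // freshness rests only on the time checks above and an older response
        // could be replayed while it is still inside its validity window.
        // Clients that need per-request freshness should reject this status.
        EMissingNonce = 51,

        // No trailing comma: a comma after the last enumerator is only an
        // extension before C++11.
        EValid = 100
        };

    /**
     * What does the response say about the certificates?
     * IMPORTANT: Do not change the order these are in.
     *
     * NOTE(review): the values increase from EGood to ERevoked; presumably
     * other code compares them numerically (e.g. to keep the worst result
     * over several certificates) - confirm before touching them.
     * EUnknown is not a positive answer and should not be treated as EGood.
     */
    enum TResult
        {
        EGood = 10,
        EUnknown = 20,
        ERevoked = 30
        };
    }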
|
115 |
|
/**
 * Pairs the status of an OCSP check (OCSP::TStatus) with the certificate
 * result (OCSP::TResult).
 *
 * Both members are public and are read directly by callers.
 * NOTE(review): presumably iResult is only meaningful when iStatus reports a
 * usable response (OCSP::EValid, or OCSP::EMissingNonce if the client's
 * policy accepts it); callers should check iStatus before acting on iResult.
 */
class TOCSPOutcome
    {
public:
    /** Builds an outcome from an explicit status and result. */
    TOCSPOutcome(OCSP::TStatus aStatus, OCSP::TResult aResult)
        : iStatus(aStatus),
          iResult(aResult)
        {
        }

    /**
     * Default outcome: EClientInternalError / EUnknown.
     * An outcome that is never filled in therefore reads as a failure,
     * not as a valid "good" answer.
     */
    TOCSPOutcome()
        : iStatus(OCSP::EClientInternalError),
          iResult(OCSP::EUnknown)
        {
        }

    /** Two outcomes are equal when both status and result match. */
    TBool operator==(const TOCSPOutcome& aRhs) const
        {
        const bool sameStatus = (iStatus == aRhs.iStatus);
        const bool sameResult = (iResult == aRhs.iResult);
        return sameStatus && sameResult;
        }

    // Status of the check itself (transport, parsing, validation, ...).
    OCSP::TStatus iStatus;
    // What the response says about the certificate.
    OCSP::TResult iResult;
    };
|
131 |
|
132 |
|
133 #ifndef SYMBIAN_ENABLE_SPLIT_HEADERS |
|
134 #include <ocsprequestandresponse.h> |
|
135 #endif |
|
136 |
|
137 #endif // __OCSP_H__ |