/** * \file x509_crl.h * * \brief X.509 certificate revocation list parsing */ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CRL_H #define MBEDTLS_X509_CRL_H #include "mbedtls/private_access.h" #include "mbedtls/build_info.h" #include "mbedtls/x509.h" #ifdef __cplusplus extern "C" { #endif /** * \addtogroup x509_module * \{ */ /** * \name Structures and functions for parsing CRLs * \{ */ /** * Certificate revocation list entry. * Contains the CA-specific serial numbers and revocation dates. * * Some fields of this structure are publicly readable. Do not modify * them except via Mbed TLS library functions: the effect of modifying * those fields or the data that those fields points to is unspecified. */ mbedtls_x509_crl_entry; /** * Certificate revocation list structure. * Every CRL may have multiple entries. */ mbedtls_x509_crl; /** * \brief Parse a DER-encoded CRL and append it to the chained list * * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto * subsystem must have been initialized by calling * psa_crypto_init() before calling this function. * * \param chain points to the start of the chain * \param buf buffer holding the CRL data in DER format * \param buflen size of the buffer * (including the terminating null byte for PEM data) * * \return 0 if successful, or a specific X509 or PEM error code */ int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen); /** * \brief Parse one or more CRLs and append them to the chained list * * \note Multiple CRLs are accepted only if using PEM format * * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto * subsystem must have been initialized by calling * psa_crypto_init() before calling this function. * * \param chain points to the start of the chain * \param buf buffer holding the CRL data in PEM or DER format * \param buflen size of the buffer * (including the terminating null byte for PEM data) * * \return 0 if successful, or a specific X509 or PEM error code */ int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen); #if defined(MBEDTLS_FS_IO) /** * \brief Load one or more CRLs and append them to the chained list * * \note Multiple CRLs are accepted only if using PEM format * * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto * subsystem must have been initialized by calling * psa_crypto_init() before calling this function. * * \param chain points to the start of the chain * \param path filename to read the CRLs from (in PEM or DER encoding) * * \return 0 if successful, or a specific X509 or PEM error code */ int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path); #endif /* MBEDTLS_FS_IO */ #if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Returns an informational string about the CRL. * * \param buf Buffer to write to * \param size Maximum size of buffer * \param prefix A line prefix * \param crl The X509 CRL to represent * * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix, const mbedtls_x509_crl *crl); #endif /* !MBEDTLS_X509_REMOVE_INFO */ /** * \brief Initialize a CRL (chain) * * \param crl CRL chain to initialize */ void mbedtls_x509_crl_init(mbedtls_x509_crl *crl); /** * \brief Unallocate all CRL data * * \param crl CRL chain to free */ void mbedtls_x509_crl_free(mbedtls_x509_crl *crl); /** \} name Structures and functions for parsing CRLs */ /** \} addtogroup x509_module */ #ifdef __cplusplus } #endif #endif /* mbedtls_x509_crl.h */
Codebase Browser
godot