diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2007-05-18 10:16:10 +0000 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2007-05-18 10:16:10 +0000 |
| commit | 89665b3866eed67bb6dfd604cbd7744854ab08c8 (patch) | |
| tree | 51d0a749a1fbcc7a372e7bab4464ae1099999784 /src | |
| parent | 27432db6038df71b143be1ba5f17902ea58b501a (diff) | |
| download | strongswan-89665b3866eed67bb6dfd604cbd7744854ab08c8.tar.bz2 strongswan-89665b3866eed67bb6dfd604cbd7744854ab08c8.tar.xz | |
add is_ca() method
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/crypto/ca.c | 9 | ||||
| -rw-r--r-- | src/libstrongswan/crypto/ca.h | 14 |
2 files changed, 21 insertions, 2 deletions
diff --git a/src/libstrongswan/crypto/ca.c b/src/libstrongswan/crypto/ca.c index bb35b37f2..07413e805 100644 --- a/src/libstrongswan/crypto/ca.c +++ b/src/libstrongswan/crypto/ca.c @@ -158,6 +158,14 @@ static bool is_crl_issuer(private_ca_info_t *this, const crl_t *crl) } /** + * Implements ca_info_t.is_ca + */ +static bool is_ca(private_ca_info_t *this) +{ + return this->cacert->is_ca(this->cacert); +} + +/** * Implements ca_info_t.is_strict */ static bool is_strict(private_ca_info_t *this) @@ -778,6 +786,7 @@ ca_info_t *ca_info_create(const char *name, x509_t *cacert) this->public.equals_name_release_info = (bool (*) (ca_info_t*,const char*))equals_name_release_info; this->public.is_cert_issuer = (bool (*) (ca_info_t*,const x509_t*))is_cert_issuer; this->public.is_crl_issuer = (bool (*) (ca_info_t*,const crl_t*))is_crl_issuer; + this->public.is_ca = (bool (*) (ca_info_t*))is_ca; this->public.is_strict = (bool (*) (ca_info_t*))is_strict; this->public.add_info = (void (*) (ca_info_t*,const ca_info_t*))add_info; this->public.add_crl = (void (*) (ca_info_t*,crl_t*))add_crl; diff --git a/src/libstrongswan/crypto/ca.h b/src/libstrongswan/crypto/ca.h index ae10e253e..ff6271b15 100644 --- a/src/libstrongswan/crypto/ca.h +++ b/src/libstrongswan/crypto/ca.h @@ -26,13 +26,15 @@ typedef struct ca_info_t ca_info_t; #include <library.h> -#include <credential_store.h> #include "x509.h" #include "crl.h" #define MAX_CA_PATH_LEN 7 +/*forward declaration */ +struct credential_store_t; + /** * @brief X.509 certification authority information record * @@ -81,6 +83,14 @@ struct ca_info_t { bool (*is_crl_issuer) (ca_info_t *this, const crl_t *crl); /** + * @brief Checks if the ca certificate has the isCA flag set + * + * @param this ca info object + * @return TRUE if the isCA flag is set + */ + bool (*is_ca) (ca_info_t *this); + + /** * @brief Checks if the ca enforces a strict crl policy * * @param this ca info object @@ -192,7 +202,7 @@ struct ca_info_t { * @param credentials credential store needed for trust path verification * @return certificate status */ - cert_status_t (*verify_by_ocsp) (ca_info_t* this, certinfo_t* certinfo, credential_store_t* credentials); + cert_status_t (*verify_by_ocsp) (ca_info_t* this, certinfo_t* certinfo, struct credential_store_t* credentials); /** * @brief Purge the OCSP certinfos of a ca info record |