diff options
Diffstat (limited to 'security/nss/lib/libpkix/include/pkix_certstore.h')
| -rwxr-xr-x | security/nss/lib/libpkix/include/pkix_certstore.h | 714 |
1 files changed, 714 insertions, 0 deletions
diff --git a/security/nss/lib/libpkix/include/pkix_certstore.h b/security/nss/lib/libpkix/include/pkix_certstore.h new file mode 100755 index 000000000..fb705644e --- /dev/null +++ b/security/nss/lib/libpkix/include/pkix_certstore.h @@ -0,0 +1,714 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * This file defines functions associated with the PKIX_CertStore type. + * + */ + +#ifndef _PKIX_CERTSTORE_H +#define _PKIX_CERTSTORE_H + +#include "pkixt.h" +#include "certt.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* General + * + * Please refer to the libpkix Programmer's Guide for detailed information + * about how to use the libpkix library. Certain key warnings and notices from + * that document are repeated here for emphasis. + * + * All identifiers in this file (and all public identifiers defined in + * libpkix) begin with "PKIX_". Private identifiers only intended for use + * within the library begin with "pkix_". + * + * A function returns NULL upon success, and a PKIX_Error pointer upon failure. + * + * Unless otherwise noted, for all accessor (gettor) functions that return a + * PKIX_PL_Object pointer, callers should assume that this pointer refers to a + * shared object. Therefore, the caller should treat this shared object as + * read-only and should not modify this shared object. When done using the + * shared object, the caller should release the reference to the object by + * using the PKIX_PL_Object_DecRef function. + * + * While a function is executing, if its arguments (or anything referred to by + * its arguments) are modified, free'd, or destroyed, the function's behavior + * is undefined. + * + */ + +/* PKIX_CertStore + * + * A PKIX_CertStore provides a standard way for the caller to retrieve + * certificates and CRLs from a particular repository (or "store") of + * certificates and CRLs, including LDAP directories, flat files, local + * databases, etc. The CertCallback allows custom certificate retrieval logic + * to be used while the CRLCallback allows custom CRL retrieval logic to be + * used. Additionally, a CertStore can be initialized with a certStoreContext, + * which is where the caller can specify configuration data such as the host + * name of an LDAP server. Note that this certStoreContext must be an + * Object (although any object type), allowing it to be reference-counted and + * allowing it to provide the standard Object functions (Equals, Hashcode, + * ToString, Compare, Duplicate). Please note that each certStoreContext must + * provide Equals and Hashcode functions in order for the caching (on Cert and + * CertChain) to work correctly. When providing those two functions, it is not + * required that all the components of the object be hashed or checked for + * equality, but merely that the functions distinguish between unique + * instances of the certStoreContext. + * + * Once the caller has created the CertStore object, the caller then specifies + * these CertStore objects in a ProcessingParams object and passes that object + * to PKIX_ValidateChain or PKIX_BuildChain, which uses the objects to call the + * user's callback functions as needed during the validation or building + * process. + * + * The order of CertStores stored (as a list) at ProcessingParams determines + * the order in which certificates are retrieved. Trusted CertStores should + * precede non-trusted ones on the list of CertStores so their certificates + * are evaluated ahead of other certificates selected on the basis of the same + * selector criteria. + * + * The CheckTrustCallback function is used when the CertStore object + * supports trust status, which means a Cert's trust status can be altered + * dynamically. When a CertStore object is created, if the + * CheckTrustCallback is initialized to be non-NULL, this CertStore is + * defaulted as supporting trust. Then whenever a Cert needs to (re)check its + * trust status, this callback can be invoked. When a Cert is retrieved by + * a CertStore supports trust, at its GetCertCallback, the CertStore + * information should be updated in Cert's data structure so the link between + * the Cert and CertStore exists. + * + */ + +/* + * FUNCTION: PKIX_CertStore_CertCallback + * DESCRIPTION: + * + * This callback function retrieves from the CertStore pointed to by "store" + * all the certificates that match the CertSelector pointed to by "selector". + * It places these certificates in a List and stores a pointer to the List at + * "pCerts". If no certificates are found which match the CertSelector's + * criteria, this function stores an empty List at "pCerts". In either case, if + * the operation is completed, NULL is stored at "pNBIOContext". + * + * A CertStore which uses non-blocking I/O may store platform-dependent + * information at "pNBIOContext" and NULL at "pCerts" to indicate that I/O is + * pending. A subsequent call to PKIX_CertStore_CertContinue is required to + * finish the operation and to obtain the List of Certs. + * + * Note that the List returned by this function is immutable. + * + * PARAMETERS: + * "store" + * Address of CertStore from which Certs are to be retrieved. + * Must be non-NULL. + * "selector" + * Address of CertSelector whose criteria must be satisfied. + * Must be non-NULL. + * "verifyNode" + * Parent log node for tracking of filtered out certs. + * "pNBIOContext" + * Address at which platform-dependent information is stored if the + * operation is suspended for non-blocking I/O. Must be non-NULL. + * "pCerts" + * Address where object pointer will be stored. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe + * + * Multiple threads must be able to safely call this function without + * worrying about conflicts, even if they're operating on the same object. + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a CertStore Error if the function fails in a non-fatal way. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +typedef PKIX_Error * +(*PKIX_CertStore_CertCallback)( + PKIX_CertStore *store, + PKIX_CertSelector *selector, + PKIX_VerifyNode *verifyNode, + void **pNBIOContext, + PKIX_List **pCerts, /* list of PKIX_PL_Cert */ + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_CertContinue + * DESCRIPTION: + * + * This function continues the non-blocking operation initiated by an earlier + * call to the CertCallback function, for the CertStore pointed to by "store". + * If an earlier call did not terminate with the WOULDBLOCK indication (non-NULL + * value returned in "pNBIOContext") calling this function will return a fatal + * error. If the operation is completed the certificates found are placed in a + * List, a pointer to which is stored at "pCerts". If no certificates are found + * which match the CertSelector's criteria, this function stores an empty List + * at "pCerts". In either case, if the operation is completed, NULL is stored + * at "pNBIOContext". + * + * If non-blocking I/O is still pending this function stores platform-dependent + * information at "pNBIOContext" and NULL at "pCerts". A subsequent call to + * PKIX_CertStore_CertContinue is required to finish the operation and to + * obtain the List of Certs. + * + * Note that the List returned by this function is immutable. + * + * PARAMETERS: + * "store" + * Address of CertStore from which Certs are to be retrieved. + * Must be non-NULL. + * "selector" + * Address of CertSelector whose criteria must be satisfied. + * Must be non-NULL. + * "verifyNode" + * Parent log node for tracking of filtered out certs. + * "pNBIOContext" + * Address at which platform-dependent information is stored if the + * operation is suspended for non-blocking I/O. Must be non-NULL. + * "pCerts" + * Address where object pointer will be stored. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe + * + * Multiple threads must be able to safely call this function without + * worrying about conflicts, even if they're operating on the same object. + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a CertStore Error if the function fails in a non-fatal way. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_CertContinue( + PKIX_CertStore *store, + PKIX_CertSelector *selector, + PKIX_VerifyNode *verifyNode, + void **pNBIOContext, + PKIX_List **pCerts, /* list of PKIX_PL_Cert */ + void *plContext); + +typedef PKIX_Error * +(*PKIX_CertStore_CertContinueFunction)( + PKIX_CertStore *store, + PKIX_CertSelector *selector, + PKIX_VerifyNode *verifyNode, + void **pNBIOContext, + PKIX_List **pCerts, /* list of PKIX_PL_Cert */ + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_CRLCallback + * DESCRIPTION: + * + * This callback function retrieves from the CertStore pointed to by "store" + * all the CRLs that match the CRLSelector pointed to by "selector". It + * places these CRLs in a List and stores a pointer to the List at "pCRLs". + * If no CRLs are found which match the CRLSelector's criteria, this function + * stores an empty List at "pCRLs". In either case, if the operation is + * completed, NULL is stored at "pNBIOContext". + * + * A CertStore which uses non-blocking I/O may store platform-dependent + * information at "pNBIOContext" and NULL at "pCrls" to indicate that I/O is + * pending. A subsequent call to PKIX_CertStore_CRLContinue is required to + * finish the operation and to obtain the List of Crls. + * + * Note that the List returned by this function is immutable. + * + * PARAMETERS: + * "store" + * Address of CertStore from which CRLs are to be retrieved. + * Must be non-NULL. + * "selector" + * Address of CRLSelector whose criteria must be satisfied. + * Must be non-NULL. + * "pCrls" + * Address where object pointer will be stored. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe + * + * Multiple threads must be able to safely call this function without + * worrying about conflicts, even if they're operating on the same object. + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a CertStore Error if the function fails in a non-fatal way. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +typedef PKIX_Error * +(*PKIX_CertStore_CRLCallback)( + PKIX_CertStore *store, + PKIX_CRLSelector *selector, + void **pNBIOContext, + PKIX_List **pCrls, /* list of PKIX_PL_CRL */ + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_ImportCrlCallback + * DESCRIPTION: + * + * The function imports crl list into a cert store. Stores that + * have local cache may only have that function defined. + * + * PARAMETERS: + * "store" + * Address of CertStore from which CRLs are to be retrieved. + * Must be non-NULL. + * "issuerName" + * Name of the issuer that will be used to track bad der crls. + * "crlList" + * Address on the importing crl list. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe + * + * Multiple threads must be able to safely call this function without + * worrying about conflicts, even if they're operating on the same object. + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a CertStore Error if the function fails in a non-fatal way. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +typedef PKIX_Error * +(*PKIX_CertStore_ImportCrlCallback)( + PKIX_CertStore *store, + PKIX_PL_X500Name *issuerName, + PKIX_List *crlList, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_CheckRevokationByCrlCallback + * DESCRIPTION: + * + * The function checks revocation status of a cert with specified + * issuer, date. It returns revocation status of a cert and + * a reason code(if any) if a cert was revoked. + * + * PARAMETERS: + * "store" + * Address of CertStore from which CRLs are to be retrieved. + * Must be non-NULL. + * "cert" + * Certificate which revocation status will be checked. + * "issuer" + * Issuer certificate of the "crl". + * "date" + * Date of the revocation check. + * "crlDownloadDone" + * Indicates, that all needed crl downloads are done by the time of + * the revocation check. + * "reasonCode" + * If cert is revoked, returned reason code for which a cert was revoked. + * "revStatus" + * Returned revocation status of the cert. See PKIX_RevocationStatus + * for more details + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe + * + * Multiple threads must be able to safely call this function without + * worrying about conflicts, even if they're operating on the same object. + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a CertStore Error if the function fails in a non-fatal way. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +typedef PKIX_Error * +(*PKIX_CertStore_CheckRevokationByCrlCallback)( + PKIX_CertStore *store, + PKIX_PL_Cert *cert, + PKIX_PL_Cert *issuer, + PKIX_PL_Date *date, + PKIX_Boolean crlDownloadDone, + CERTCRLEntryReasonCode *reasonCode, + PKIX_RevocationStatus *revStatus, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_CrlContinue + * DESCRIPTION: + * + * This function continues the non-blocking operation initiated by an earlier + * call to the CRLCallback function, for the CertStore pointed to by "store". + * If an earlier call did not terminate with the WOULDBLOCK indication (non-NULL + * value returned in "pNBIOContext") calling this function will return a fatal + * error. If the operation is completed the crls found are placed in a List, a + * pointer to which is stored at "pCrls". If no crls are found which match the + * CRLSelector's criteria, this function stores an empty List at "pCrls". In + * either case, if the operation is completed, NULL is stored at "pNBIOContext". + * + * If non-blocking I/O is still pending this function stores platform-dependent + * information at "pNBIOContext" and NULL at "pCrls". A subsequent call to + * PKIX_CertStore_CrlContinue is required to finish the operation and to + * obtain the List of Crls. + * + * Note that the List returned by this function is immutable. + * + * PARAMETERS: + * "store" + * Address of CertStore from which Crls are to be retrieved. + * Must be non-NULL. + * "selector" + * Address of CRLSelector whose criteria must be satisfied. + * Must be non-NULL. + * "pNBIOContext" + * Address at which platform-dependent information is stored if the + * operation is suspended for non-blocking I/O. Must be non-NULL. + * "pCrls" + * Address where object pointer will be stored. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe + * + * Multiple threads must be able to safely call this function without + * worrying about conflicts, even if they're operating on the same object. + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a CertStore Error if the function fails in a non-fatal way. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_CrlContinue( + PKIX_CertStore *store, + PKIX_CRLSelector *selector, + void **pNBIOContext, + PKIX_List **pCrls, /* list of PKIX_PL_CRL */ + void *plContext); + +typedef PKIX_Error * +(*PKIX_CertStore_CrlContinueFunction)( + PKIX_CertStore *store, + PKIX_CRLSelector *selector, + void **pNBIOContext, + PKIX_List **pCrls, /* list of PKIX_PL_CRL */ + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_CheckTrustCallback + * DESCRIPTION: + * + * This callback function rechecks "cert's" trust status from the CertStore + * pointed to by "store". + * + * PARAMETERS: + * "store" + * Address of CertStore from which Certs are to be checked. + * Must be non-NULL. + * "cert" + * Address of Cert whose trust status needs to be rechecked. + * Must be non-NULL. + * "pTrusted" + * Address of PKIX_Boolean where the trust status is returned. + * Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe + * + * Multiple threads must be able to safely call this function without + * worrying about conflicts, even if they're operating on the same object. + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a CertStore Error if the function fails in a non-fatal way. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +typedef PKIX_Error * +(*PKIX_CertStore_CheckTrustCallback)( + PKIX_CertStore *store, + PKIX_PL_Cert *cert, + PKIX_Boolean *pTrusted, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_Create + * DESCRIPTION: + * + * Creates a new CertStore and stores it at "pStore". The new CertStore uses + * the CertCallback pointed to by "certCallback" and the CRLCallback pointed + * to by "crlCallback" as its callback functions and uses the Object pointed + * to by "certStoreContext" as its context . Note that this certStoreContext + * must be an Object (although any object type), allowing it to be + * reference-counted and allowing it to provide the standard Object functions + * (Equals, Hashcode, ToString, Compare, Duplicate). Once created, a + * CertStore object is immutable, although the underlying repository can + * change. For example, a CertStore will often be a front-end for a database + * or directory. The contents of that directory can change after the + * CertStore object is created, but the CertStore object remains immutable. + * + * PARAMETERS: + * "certCallback" + * The CertCallback function to be used. Must be non-NULL. + * "crlCallback" + * The CRLCallback function to be used. Must be non-NULL. + * "certContinue" + * The function to be used to resume a certCallback that returned with a + * WOULDBLOCK condition. Must be non-NULL if certStore supports non-blocking + * I/O. + * "crlContinue" + * The function to be used to resume a crlCallback that returned with a + * WOULDBLOCK condition. Must be non-NULL if certStore supports non-blocking + * I/O. + * "trustCallback" + * Address of PKIX_CertStore_CheckTrustCallback which is called to + * verify the trust status of Certs in this CertStore. + * "certStoreContext" + * Address of Object representing the CertStore's context (if any). + * "cachedFlag" + * If TRUE indicates data retrieved from CertStore should be cached. + * "localFlag" + * Boolean value indicating whether this CertStore is local. + * "pStore" + * Address where object pointer will be stored. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a CertStore Error if the function fails in a non-fatal way. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_Create( + PKIX_CertStore_CertCallback certCallback, + PKIX_CertStore_CRLCallback crlCallback, + PKIX_CertStore_CertContinueFunction certContinue, + PKIX_CertStore_CrlContinueFunction crlContinue, + PKIX_CertStore_CheckTrustCallback trustCallback, + PKIX_CertStore_ImportCrlCallback importCrlCallback, + PKIX_CertStore_CheckRevokationByCrlCallback checkRevByCrlCallback, + PKIX_PL_Object *certStoreContext, + PKIX_Boolean cachedFlag, + PKIX_Boolean localFlag, + PKIX_CertStore **pStore, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_GetCertCallback + * DESCRIPTION: + * + * Retrieves a pointer to "store's" Cert callback function and put it in + * "pCallback". + * + * PARAMETERS: + * "store" + * The CertStore whose Cert callback is desired. Must be non-NULL. + * "pCallback" + * Address where Cert callback function pointer will be stored. + * Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_GetCertCallback( + PKIX_CertStore *store, + PKIX_CertStore_CertCallback *pCallback, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_GetCRLCallback + * DESCRIPTION: + * + * Retrieves a pointer to "store's" CRL callback function and put it in + * "pCallback". + * + * PARAMETERS: + * "store" + * The CertStore whose CRL callback is desired. Must be non-NULL. + * "pCallback" + * Address where CRL callback function pointer will be stored. + * Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_GetCRLCallback( + PKIX_CertStore *store, + PKIX_CertStore_CRLCallback *pCallback, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_GetImportCrlCallback + * DESCRIPTION: + * + * Retrieves a pointer to "store's" Import CRL callback function and put it in + * "pCallback". + * + * PARAMETERS: + * "store" + * The CertStore whose CRL callback is desired. Must be non-NULL. + * "pCallback" + * Address where CRL callback function pointer will be stored. + * Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_GetImportCrlCallback( + PKIX_CertStore *store, + PKIX_CertStore_ImportCrlCallback *pCallback, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_GetCheckRevByCrl + * DESCRIPTION: + * + * Retrieves a pointer to "store's" CRL revocation checker callback function + * and put it in "pCallback". + * + * PARAMETERS: + * "store" + * The CertStore whose CRL callback is desired. Must be non-NULL. + * "pCallback" + * Address where CRL callback function pointer will be stored. + * Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_GetCrlCheckerFn( + PKIX_CertStore *store, + PKIX_CertStore_CheckRevokationByCrlCallback *pCallback, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_GetTrustCallback + * DESCRIPTION: + * + * Retrieves the function pointer to the CheckTrust callback function of the + * CertStore pointed to by "store" and stores it at "pCallback". + * + * PARAMETERS: + * "store" + * The CertStore whose CheckTrust callback is desired. Must be non-NULL. + * "pCallback" + * Address where CheckTrust callback function pointer will be stored. + * Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_GetTrustCallback( + PKIX_CertStore *store, + PKIX_CertStore_CheckTrustCallback *pCallback, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_GetCertStoreContext + * DESCRIPTION: + * + * Retrieves a pointer to the Object representing the context (if any) + * of the CertStore pointed to by "store" and stores it at + * "pCertStoreContext". + * + * PARAMETERS: + * "store" + * Address of CertStore whose context is to be stored. Must be non-NULL. + * "pCertStoreContext" + * Address where object pointer will be stored. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_GetCertStoreContext( + PKIX_CertStore *store, + PKIX_PL_Object **pCertStoreContext, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_GetCertStoreCacheFlag + * DESCRIPTION: + * + * Retrieves the Boolean cache flag of the CertStore pointed to by "store" and + * stores it at "pCachedFlag". + * + * PARAMETERS: + * "store" + * Address of CertStore whose cache flag is to be stored. Must be non-NULL. + * "pCacheFlag" + * Address where the result will be stored. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_GetCertStoreCacheFlag( + PKIX_CertStore *store, + PKIX_Boolean *pCacheFlag, + void *plContext); + +/* + * FUNCTION: PKIX_CertStore_GetLocalFlag + * DESCRIPTION: + * + * Retrieves the Boolean localFlag for the CertStore pointed to by "store" and + * stores it at "pLocalFlag". The localFlag is TRUE if the CertStore can + * fulfill a request without performing network I/O. + * + * PARAMETERS: + * "store" + * The CertStore whose Local flag is desired. Must be non-NULL. + * "pCallback" + * Address where the Boolean LocalFlag will be stored. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns NULL if the function succeeds. + * Returns a Fatal Error if the function fails in an unrecoverable way. + */ +PKIX_Error * +PKIX_CertStore_GetLocalFlag( + PKIX_CertStore *store, + PKIX_Boolean *pLocalFlag, + void *plContext); + +#ifdef __cplusplus +} +#endif + +#endif /* _PKIX_CERTSTORE_H */ |