- /* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * Copyright 2018 (c) Mark Giraud, Fraunhofer IOSB
- */
- #ifndef UA_PLUGIN_PKI_H_
- #define UA_PLUGIN_PKI_H_
- #include "ua_types.h"
- #include "ua_server.h"
- _UA_BEGIN_DECLS
- /**
- * Public Key Infrastructure Integration
- * =====================================
- * This file contains interface definitions for integration in a Public Key
- * Infrastructure (PKI). Currently only one plugin interface is defined.
- *
- * Certificate Verification
- * ------------------------
- * This plugin verifies that the origin of the certificate is trusted. It does
- * not assign any access rights/roles to the holder of the certificate.
- *
- * Usually, implementations of the certificate verification plugin provide an
- * initialization method that takes a trust-list and a revocation-list as input.
- * The lifecycle of the plugin is attached to a server or client config. The
- * ``deleteMembers`` method is called automatically when the config is
- * destroyed. */
- struct UA_CertificateVerification;
- typedef struct UA_CertificateVerification UA_CertificateVerification;
- struct UA_CertificateVerification {
- void *context;
- /* Verify the certificate against the configured policies and trust chain. */
- UA_StatusCode (*verifyCertificate)(void *verificationContext,
- const UA_ByteString *certificate);
- /* Verify that the certificate has the applicationURI in the subject name. */
- UA_StatusCode (*verifyApplicationURI)(void *verificationContext,
- const UA_ByteString *certificate,
- const UA_String *applicationURI);
- /* Delete the certificate verification context */
- void (*deleteMembers)(UA_CertificateVerification *cv);
- };
- _UA_END_DECLS
- #endif /* UA_PLUGIN_PKI_H_ */