ua_plugin_pki.h 2.0 KB

  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  4. *
  5. * Copyright 2018 (c) Mark Giraud, Fraunhofer IOSB
  6. */
  7. #ifndef UA_PLUGIN_PKI_H_
  8. #define UA_PLUGIN_PKI_H_
  9. #include "ua_types.h"
  10. #include "ua_server.h"
  11. _UA_BEGIN_DECLS
  12. /**
  13. * Public Key Infrastructure Integration
  14. * =====================================
  15. * This file contains interface definitions for integration in a Public Key
  16. * Infrastructure (PKI). Currently only one plugin interface is defined.
  17. *
  18. * Certificate Verification
  19. * ------------------------
  20. * This plugin verifies that the origin of the certificate is trusted. It does
  21. * not assign any access rights/roles to the holder of the certificate.
  22. *
  23. * Usually, implementations of the certificate verification plugin provide an
  24. * initialization method that takes a trust-list and a revocation-list as input.
  25. * The lifecycle of the plugin is attached to a server or client config. The
  26. * ``deleteMembers`` method is called automatically when the config is
  27. * destroyed. */
  /* The typedef also declares the struct tag, so the callback signatures
   * inside the definition can refer to the type by its short name. */
  typedef struct UA_CertificateVerification UA_CertificateVerification;

  /**
   * Certificate verification plugin interface.
   *
   * A table of callbacks plus one opaque state pointer. Per the file header,
   * the plugin decides whether the origin of a certificate is trusted; it does
   * not grant access rights or roles to the certificate holder.
   *
   * NOTE(review): the interface does not say whether a callback may be left
   * NULL. Callers presumably must not treat a missing callback as a successful
   * verification -- confirm against the call sites.
   */
  struct UA_CertificateVerification {
      /* Plugin-private state. Presumably this is the pointer handed to the
       * callbacks as verificationContext -- TODO confirm with the callers. */
      void *context;

      /* Verify the certificate against the configured policies and trust
       * chain. The result is a UA_StatusCode.
       * NOTE(review): callers should reject the certificate on any status
       * other than UA_STATUSCODE_GOOD -- confirm that no call site ignores
       * the return value. */
      UA_StatusCode (*verifyCertificate)(void *verificationContext,
                                         const UA_ByteString *certificate);

      /* Verify that the certificate carries the given applicationURI. The
       * original comment says "in the subject name".
       * NOTE(review): OPC UA application certificates carry the
       * ApplicationUri as a URI entry of the subjectAltName extension;
       * confirm which field implementations actually compare. This check is
       * separate from verifyCertificate; whether callers must run both is not
       * visible here -- verify. */
      UA_StatusCode (*verifyApplicationURI)(void *verificationContext,
                                            const UA_ByteString *certificate,
                                            const UA_String *applicationURI);

      /* Delete the certificate verification context. Takes the plugin struct
       * itself (cv), not the bare context pointer. Per the file header it is
       * called automatically when the owning config is destroyed. */
      void (*deleteMembers)(UA_CertificateVerification *cv);
  };
  42. _UA_END_DECLS
  43. #endif /* UA_PLUGIN_PKI_H_ */