diff options
author | lloyd <[email protected]> | 2008-04-10 04:39:58 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2008-04-10 04:39:58 +0000 |
commit | fd717509a0547faa4384b351635a85f7315f2eaa (patch) | |
tree | 1abd16dc7dba49bd9b52f76e8351e5eac9f1a96e /include/x509_ca.h | |
parent | 4e9d101a1b18316fe14829a52c1e4df20208aa5d (diff) |
Change the interface of X509_CA::sign_request as follows:
- The allow_ca policy value is no longer checked. Callers should check
if the request is for a CA cert and treat it accordingly; this makes
it simpler to to case-by-case decisions (expecially among multiple
threads)
- Instead of a single time value, a u32bit representing the number of
seconds from now the certificate should expire, the start and end times
are passed explicitly as two X509_Time values.
Diffstat (limited to 'include/x509_ca.h')
-rw-r--r-- | include/x509_ca.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/include/x509_ca.h b/include/x509_ca.h index 4a7cb22ca..3c2610d7f 100644 --- a/include/x509_ca.h +++ b/include/x509_ca.h @@ -1,6 +1,6 @@ /************************************************* * X.509 Certificate Authority Header File * -* (C) 1999-2007 Jack Lloyd * +* (C) 1999-2008 Jack Lloyd * *************************************************/ #ifndef BOTAN_X509_CA_H__ @@ -21,7 +21,9 @@ namespace Botan { class X509_CA { public: - X509_Certificate sign_request(const PKCS10_Request&, u32bit = 0) const; + X509_Certificate sign_request(const PKCS10_Request& req, + const X509_Time& not_before, + const X509_Time& not_after); X509_Certificate ca_certificate() const; |