aboutsummaryrefslogtreecommitdiffstats
path: root/include/x509_ca.h
diff options
context:
space:
mode:
authorlloyd <[email protected]>2008-04-10 04:39:58 +0000
committerlloyd <[email protected]>2008-04-10 04:39:58 +0000
commitfd717509a0547faa4384b351635a85f7315f2eaa (patch)
tree1abd16dc7dba49bd9b52f76e8351e5eac9f1a96e /include/x509_ca.h
parent4e9d101a1b18316fe14829a52c1e4df20208aa5d (diff)
Change the interface of X509_CA::sign_request as follows:
- The allow_ca policy value is no longer checked. Callers should check if the request is for a CA cert and treat it accordingly; this makes it simpler to to case-by-case decisions (expecially among multiple threads) - Instead of a single time value, a u32bit representing the number of seconds from now the certificate should expire, the start and end times are passed explicitly as two X509_Time values.
Diffstat (limited to 'include/x509_ca.h')
-rw-r--r--include/x509_ca.h6
1 files changed, 4 insertions, 2 deletions
diff --git a/include/x509_ca.h b/include/x509_ca.h
index 4a7cb22ca..3c2610d7f 100644
--- a/include/x509_ca.h
+++ b/include/x509_ca.h
@@ -1,6 +1,6 @@
/*************************************************
* X.509 Certificate Authority Header File *
-* (C) 1999-2007 Jack Lloyd *
+* (C) 1999-2008 Jack Lloyd *
*************************************************/
#ifndef BOTAN_X509_CA_H__
@@ -21,7 +21,9 @@ namespace Botan {
class X509_CA
{
public:
- X509_Certificate sign_request(const PKCS10_Request&, u32bit = 0) const;
+ X509_Certificate sign_request(const PKCS10_Request& req,
+ const X509_Time& not_before,
+ const X509_Time& not_after);
X509_Certificate ca_certificate() const;