Diffstat (limited to 'src/cert')
-rw-r--r--src/cert/x509/x509stor.cpp13
-rw-r--r--src/cert/x509/x509stor.h14
2 files changed, 17 insertions, 10 deletions
diff --git a/src/cert/x509/x509stor.cpp b/src/cert/x509/x509stor.cpp
index 336d155d3..a055602a8 100644
--- a/src/cert/x509/x509stor.cpp
+++ b/src/cert/x509/x509stor.cpp
@@ -23,13 +23,13 @@ namespace {
*/
s32bit validity_check(const X509_Time& start, const X509_Time& end,
const std::chrono::system_clock::time_point& now,
- u32bit slack)
+ std::chrono::seconds slack)
{
const s32bit NOT_YET_VALID = -1, VALID_TIME = 0, EXPIRED = 1;
- if(start.cmp(now + std::chrono::seconds(slack)) > 0)
+ if(start.cmp(now + slack) > 0)
return NOT_YET_VALID;
- if(end.cmp(now - std::chrono::seconds(slack)) < 0)
+ if(end.cmp(now - slack) < 0)
return EXPIRED;
return VALID_TIME;
}
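Review bot: `slack` in `validity_check` is now a signed `std::chrono::seconds`, so a negative value is accepted, which the old `u32bit` parameter could not express. With a negative slack `now + slack` moves backwards and the accepted window shrinks instead of widening, and a very large value can overflow the `time_point` arithmetic. Nothing visible here or in the `X509_Store` constructor hunk below bounds the value, though the constructor body continues outside its hunk and may already check it. If it does not, I would validate once at construction, e.g. `if(slack < std::chrono::seconds::zero()) throw Invalid_Argument("X509_Store: negative time slack");`. The comment above `validity_check` should also say that the slack is applied to both the start and the end comparison.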
@@ -170,7 +170,8 @@ bool X509_Store::CRL_Data::operator<(const X509_Store::CRL_Data& other) const
/*
* X509_Store Constructor
*/
-X509_Store::X509_Store(u32bit slack, u32bit cache_timeout)
+X509_Store::X509_Store(std::chrono::seconds slack,
+ std::chrono::seconds cache_timeout)
{
revoked_info_valid = true;
@@ -680,7 +681,7 @@ bool X509_Store::Cert_Info::is_trusted() const
/*
* Check if this certificate has been verified
*/
-bool X509_Store::Cert_Info::is_verified(u32bit timeout) const
+bool X509_Store::Cert_Info::is_verified(std::chrono::seconds timeout) const
{
if(!checked)
return false;
@@ -689,7 +690,7 @@ bool X509_Store::Cert_Info::is_verified(u32bit timeout) const
auto now = std::chrono::system_clock::now();
- if(now > last_checked + std::chrono::seconds(timeout))
+ if(now > last_checked + timeout)
checked = false;
return checked;
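Review bot: The cache expiry in `is_verified` compares `std::chrono::system_clock::now()` with `last_checked + timeout`, so it follows the wall clock: if the system time is stepped backwards, a cached verification result stays valid for longer than `timeout`. The declaration of `last_checked` is outside this diff, so its clock is inferred from the comparison. If it is a `system_clock` time point, consider keeping the cache timestamp on `std::chrono::steady_clock` and using `system_clock` only for the certificate validity comparison. At minimum a comment such as `// wall-clock based: a clock step backwards extends the cache lifetime` on the comparison would record the limitation. The function starts in the previous hunk and its closing brace is outside this one.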
diff --git a/src/cert/x509/x509stor.h b/src/cert/x509/x509stor.h
index e55e36e7e..1911c6b6a 100644
--- a/src/cert/x509/x509stor.h
+++ b/src/cert/x509/x509stor.h
@@ -96,8 +96,12 @@ class BOTAN_DLL X509_Store
X509_Store& operator=(const X509_Store&) = delete;
- X509_Store(u32bit time_slack = 24*60*60,
- u32bit cache_results = 30*60);
+ /**
+ * @param slack the slack in checking validity times against current clock
+ * @param cache how long to cache validation results before rechecking
+ */
+ X509_Store(std::chrono::seconds slack = std::chrono::seconds(24*60*60),
+ std::chrono::seconds cache = std::chrono::seconds(30*60));
X509_Store(const X509_Store&);
~X509_Store();
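Review bot: The new `@param slack` text does not say that the slack is applied in both directions, which is the part a caller needs in order to judge the default. As `validity_check` in x509stor.cpp is written, the 24-hour default means a certificate is still accepted for up to a day after its end time and up to a day before its start time. I would spell that out, e.g. `@param slack tolerance applied to both ends of the validity period; a certificate is accepted up to this long before its start time and after its end time`.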
@@ -105,7 +109,7 @@ class BOTAN_DLL X509_Store
class BOTAN_DLL Cert_Info
{
public:
- bool is_verified(u32bit timeout) const;
+ bool is_verified(std::chrono::seconds cache_timeout) const;
bool is_trusted() const;
X509_Code verify_result() const;
void set_result(X509_Code) const;
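Review bot: The declaration names the parameter `cache_timeout` while the definition in x509stor.cpp keeps `timeout`, and the constructor is declared with `cache` but defined with `cache_timeout`. Using one name on both sides keeps the Doxygen text and the implementation aligned, e.g. `bool X509_Store::Cert_Info::is_verified(std::chrono::seconds cache_timeout) const` in the .cpp, and `cache_timeout` in the constructor declaration and its `@param`.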
@@ -131,10 +135,12 @@ class BOTAN_DLL X509_Store
bool is_revoked(const X509_Certificate&) const;
static const u32bit NO_CERT_FOUND = 0xFFFFFFFF;
+
std::vector<Cert_Info> certs;
std::vector<CRL_Data> revoked;
std::vector<Certificate_Store*> stores;
- u32bit time_slack, validation_cache_timeout;
+
+ std::chrono::seconds time_slack, validation_cache_timeout;
mutable bool revoked_info_valid;
};