Diffstat (limited to 'src/cert')
-rw-r--r-- | src/cert/x509/x509stor.cpp | 13 | ||||
-rw-r--r-- | src/cert/x509/x509stor.h | 14 |
2 files changed, 17 insertions, 10 deletions
diff --git a/src/cert/x509/x509stor.cpp b/src/cert/x509/x509stor.cpp
index 336d155d3..a055602a8 100644
--- a/src/cert/x509/x509stor.cpp
+++ b/src/cert/x509/x509stor.cpp
@@ -23,13 +23,13 @@ namespace {
 */
 s32bit validity_check(const X509_Time& start, const X509_Time& end,
 const std::chrono::system_clock::time_point& now,
- u32bit slack)
+ std::chrono::seconds slack)
 {
 const s32bit NOT_YET_VALID = -1, VALID_TIME = 0, EXPIRED = 1;
- if(start.cmp(now + std::chrono::seconds(slack)) > 0)
+ if(start.cmp(now + slack) > 0)
 return NOT_YET_VALID;
- if(end.cmp(now - std::chrono::seconds(slack)) < 0)
+ if(end.cmp(now - slack) < 0)
 return EXPIRED;
 return VALID_TIME;
 }
@@ -170,7 +170,8 @@ bool X509_Store::CRL_Data::operator<(const X509_Store::CRL_Data& other) const
 /*
 * X509_Store Constructor
 */
-X509_Store::X509_Store(u32bit slack, u32bit cache_timeout)
+X509_Store::X509_Store(std::chrono::seconds slack,
+ std::chrono::seconds cache_timeout)
 {
 revoked_info_valid = true;
@@ -680,7 +681,7 @@ bool X509_Store::Cert_Info::is_trusted() const
 /*
 * Check if this certificate has been verified
 */
-bool X509_Store::Cert_Info::is_verified(u32bit timeout) const
+bool X509_Store::Cert_Info::is_verified(std::chrono::seconds timeout) const
 {
 if(!checked)
 return false;
@@ -689,7 +690,7 @@ bool X509_Store::Cert_Info::is_verified(u32bit timeout) const
 auto now = std::chrono::system_clock::now();
- if(now > last_checked + std::chrono::seconds(timeout))
+ if(now > last_checked + timeout)
 checked = false;
 return checked;
diff --git a/src/cert/x509/x509stor.h b/src/cert/x509/x509stor.h
index e55e36e7e..1911c6b6a 100644
--- a/src/cert/x509/x509stor.h
+++ b/src/cert/x509/x509stor.h
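Review bot: In `validity_check` (x509stor.cpp, first hunk) `slack` changes from `u32bit` to the signed `std::chrono::seconds`, so a negative tolerance is now representable, and nothing visible in this hunk or in the `X509_Store` constructor hunk rejects it. A negative value would silently turn the tolerance into a stricter window (`now + slack` moves earlier, `now - slack` moves later), which is unlikely to be what a caller meant. I would reject it where the value enters the store, e.g. `if(slack < std::chrono::seconds(0)) throw Invalid_Argument("X509_Store: negative time slack");` at the top of the constructor, with the same test for `cache_timeout`. The constructor body continues outside its hunk, so an existing check there cannot be ruled out from this page.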
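Review bot: The cache expiry test in `X509_Store::Cert_Info::is_verified` (x509stor.cpp, last hunk), `if(now > last_checked + timeout)`, is measured against `std::chrono::system_clock`, which can be stepped backwards; after such a step a cached verification result is reused for longer than `timeout`. Since this commit is already moving these values to `<chrono>` types, it would be worth either taking `last_checked` from `std::chrono::steady_clock` or stating the limitation next to the comparison, e.g. `// wall clock: a backwards clock step extends the cache lifetime`. The declaration of `last_checked` and the start of the function are outside the hunk, so the type change would have to be checked against the header.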
@@ -96,8 +96,12 @@ class BOTAN_DLL X509_Store
 X509_Store& operator=(const X509_Store&) = delete;
- X509_Store(u32bit time_slack = 24*60*60,
- u32bit cache_results = 30*60);
+ /**
+ * @param slack the slack in checking validity times against current clock
+ * @param cache how long to cache validation results before rechecking
+ */
+ X509_Store(std::chrono::seconds slack = std::chrono::seconds(24*60*60),
+ std::chrono::seconds cache = std::chrono::seconds(30*60));
 X509_Store(const X509_Store&);
 ~X509_Store();
@@ -105,7 +109,7 @@ class BOTAN_DLL X509_Store
 class BOTAN_DLL Cert_Info
 {
 public:
- bool is_verified(u32bit timeout) const;
+ bool is_verified(std::chrono::seconds cache_timeout) const;
 bool is_trusted() const;
 X509_Code verify_result() const;
 void set_result(X509_Code) const;
@@ -131,10 +135,12 @@ class BOTAN_DLL X509_Store
 bool is_revoked(const X509_Certificate&) const;
 static const u32bit NO_CERT_FOUND = 0xFFFFFFFF;
+ std::vector<Cert_Info> certs;
 std::vector<CRL_Data> revoked;
 std::vector<Certificate_Store*> stores;
- u32bit time_slack, validation_cache_timeout;
+ std::chrono::seconds time_slack, validation_cache_timeout;
 mutable bool revoked_info_valid;
 };
|
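Review bot: The new `@param slack` text on the `X509_Store` constructor (x509stor.h, first hunk) does not say which way the tolerance works, and that is the part a caller needs for a security decision. Per `validity_check` in x509stor.cpp the slack is applied on both ends, so with the 24 hour default a certificate is still accepted up to a day after its end time and up to a day before its start time. I would word the comment as `@param slack tolerance applied to both ends of the validity period; a certificate is accepted up to this long before its start and after its expiry` and `@param cache how long a cached validation result is reused before the certificate is checked again`. Separately, with both parameters defaulted this is also a converting constructor from a duration; marking it `explicit` would avoid that.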
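Review bot: The declaration of `Cert_Info::is_verified` (x509stor.h, second hunk) now names its parameter `cache_timeout`, while the definition changed in x509stor.cpp in this same commit still calls it `timeout`. Using one name in both places, e.g. `bool X509_Store::Cert_Info::is_verified(std::chrono::seconds cache_timeout) const` in the .cpp, keeps the header and the implementation readable side by side. The `Cert_Info` class body continues outside the hunk.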