pki/revocation_util.h - boringssl - Git at Google

 // Copyright 2019 The Chromium Authors
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     https://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 #ifndef BSSL_PKI_REVOCATION_UTIL_H_
 #define BSSL_PKI_REVOCATION_UTIL_H_

 #include <cstdint>
 #include <optional>

 #include <openssl/base.h>

 BSSL_NAMESPACE_BEGIN

 namespace der {
 struct GeneralizedTime;
 }

 // Returns true if a revocation status with `this_update` field and potentially
 // a `next_update` field, is valid at POSIX time `verify_time_epoch_seconds` and
 // not older than `max_age_seconds` seconds, if specified. Expressed
 // differently, returns true if `this_update <= verify_time < next_update`, and
 // `this_update >= verify_time - max_age`.
 [[nodiscard]] OPENSSL_EXPORT bool CheckRevocationDateValid(
     const der::GeneralizedTime &this_update,
     const der::GeneralizedTime *next_update, int64_t verify_time_epoch_seconds,
     std::optional<int64_t> max_age_seconds);

 BSSL_NAMESPACE_END

 #endif  // BSSL_PKI_REVOCATION_UTIL_H_
	// Copyright 2019 The Chromium Authors
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// https://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	#ifndef BSSL_PKI_REVOCATION_UTIL_H_
	#define BSSL_PKI_REVOCATION_UTIL_H_

	#include <cstdint>
	#include <optional>

	#include <openssl/base.h>

	BSSL_NAMESPACE_BEGIN

	namespace der {
	struct GeneralizedTime;
	}

	// Returns true if a revocation status with `this_update` field and potentially
	// a `next_update` field, is valid at POSIX time `verify_time_epoch_seconds` and
	// not older than `max_age_seconds` seconds, if specified. Expressed
	// differently, returns true if `this_update <= verify_time < next_update`, and
	// `this_update >= verify_time - max_age`.
	[[nodiscard]] OPENSSL_EXPORT bool CheckRevocationDateValid(
	const der::GeneralizedTime &this_update,
	const der::GeneralizedTime *next_update, int64_t verify_time_epoch_seconds,
	std::optional<int64_t> max_age_seconds);

	BSSL_NAMESPACE_END

	#endif // BSSL_PKI_REVOCATION_UTIL_H_