From 29dcb0631b1c914fc74114dd3c6add39b508953f Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Tue, 8 May 2012 12:10:01 +0100
Subject: [crypto] Add asynchronous certificate validator

To allow for automatic download of cross-signing certificates and for
OCSP, the validation of certificates must be an asynchronous process.
Create a stub validator which uses a job-control interface to report
the result of certificate validation.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/include/ipxe/errfile.h   |  1 +
 src/include/ipxe/validator.h | 17 +++++++++++++++++
 2 files changed, 18 insertions(+)
 create mode 100644 src/include/ipxe/validator.h

(limited to 'src/include')

diff --git a/src/include/ipxe/errfile.h b/src/include/ipxe/errfile.h
index 7de833d08..fbdeb0a39 100644
--- a/src/include/ipxe/errfile.h
+++ b/src/include/ipxe/errfile.h
@@ -258,6 +258,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #define ERRFILE_imgtrust	      ( ERRFILE_OTHER | 0x002b0000 )
 #define ERRFILE_menu_ui		      ( ERRFILE_OTHER | 0x002c0000 )
 #define ERRFILE_menu_cmd	      ( ERRFILE_OTHER | 0x002d0000 )
+#define ERRFILE_validator	      ( ERRFILE_OTHER | 0x002e0000 )
 
 /** @} */
 
diff --git a/src/include/ipxe/validator.h b/src/include/ipxe/validator.h
new file mode 100644
index 000000000..23bdab423
--- /dev/null
+++ b/src/include/ipxe/validator.h
@@ -0,0 +1,17 @@
+#ifndef _IPXE_VALIDATOR_H
+#define _IPXE_VALIDATOR_H
+
+/** @file
+ *
+ * Certificate validator
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER );
+
+#include <ipxe/interface.h>
+#include <ipxe/x509.h>
+
+extern int create_validator ( struct interface *job, struct x509_chain *chain );
+
+#endif /* _IPXE_VALIDATOR_H */
-- 
cgit v1.2.3-55-g7522