1 // Copyright 2019 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef BSSL_PKI_REVOCATION_UTIL_H_ 6 #define BSSL_PKI_REVOCATION_UTIL_H_ 7 8 #include "fillins/openssl_util.h" 9 10 #include <optional> 11 12 #include <cstdint> 13 14 namespace bssl { 15 16 namespace der { 17 struct GeneralizedTime; 18 } 19 20 // Returns true if a revocation status with |this_update| field and potentially 21 // a |next_update| field, is valid at POSIX time |verify_time_epoch_seconds| and 22 // not older than |max_age_seconds| seconds, if specified. Expressed 23 // differently, returns true if |this_update <= verify_time < next_update|, and 24 // |this_update >= verify_time - max_age|. 25 [[nodiscard]] OPENSSL_EXPORT bool CheckRevocationDateValid( 26 const der::GeneralizedTime& this_update, 27 const der::GeneralizedTime* next_update, 28 int64_t verify_time_epoch_seconds, 29 std::optional<int64_t> max_age_seconds); 30 31 } // namespace net 32 33 #endif // BSSL_PKI_REVOCATION_UTIL_H_ 34