WvStreams
wvcrl.h
1 /* -*- Mode: C++ -*-
2  * Worldvisions Weaver Software:
3  * Copyright (C) 1997-2007 Net Integration Technologies, Inc. and others.
4  *
5  * X.509v3 CRL management class.
6  */
7 #ifndef __WVCRL_H
8 #define __WVCRL_H
9 
10 #include "wverror.h"
11 #include "wvlog.h"
12 #include "wvx509.h"
13 
14 // Structures to make the compiler happy so we don't have to include x509v3.h ;)
   // Each typedef below repeats an OpenSSL typedef name, so its struct tag must
   // stay the same as the one OpenSSL uses; a mismatch becomes a conflicting
   // typedef in any translation unit that also includes the OpenSSL headers.
   // NOTE(review): SSL_CTX and ASN1_INTEGER are not referenced by the
   // declarations visible in this header -- confirm they are still needed.
15 struct X509_crl_st;
16 typedef struct X509_crl_st X509_CRL;
17 struct ssl_ctx_st;
18 typedef struct ssl_ctx_st SSL_CTX;
19 struct asn1_string_st;
20 typedef struct asn1_string_st ASN1_INTEGER;
21 
   // Forward declaration only: WvX509Mgr is used by reference in a WvCRL
   // constructor, so its full definition is not required here.
22 class WvX509Mgr;
23 
/**
 * CRL class to handle certificate revocation lists and their related
 * functions.
 *
 * The object holds a raw X509_CRL pointer (see the private section).
 * NOTE(review): a virtual destructor is declared but no copy constructor or
 * copy assignment is visible in this listing. If the destructor releases
 * crl (defined in wvcrl.cc, not shown here), a copied WvCRL would share the
 * same pointer with its source -- confirm that instances are never copied or
 * that copying is handled elsewhere.
 */
28 class WvCRL
29 {
30 public:
    /**
     * Type for the encode() and decode() methods.
     * CRLPEM = PEM encoded X.509 CRL, CRLDER = DER encoded X.509 CRL.
     * CRLFilePEM / CRLFileDER presumably select the same encodings read from
     * or written to a file -- TODO confirm against wvcrl.cc.
     */
38  enum DumpMode { CRLPEM = 0, CRLDER, CRLFilePEM, CRLFileDER };
39 
    /** Initialize a blank (null) CRL object. */
43  WvCRL();
44 
    /**
     * Construct a CRL from a CA manager object; presumably the new CRL is
     * issued by ca -- TODO confirm against wvcrl.cc.
     * NOTE(review): this single-argument constructor is not marked explicit,
     * so a WvX509Mgr converts implicitly to a WvCRL.
     */
49  WvCRL(const WvX509Mgr &ca);
50 
    /** Destructor. */
52  virtual ~WvCRL();
53 
    /**
     * Accessor for CRL. Returns the internal pointer itself, not a copy, so
     * the caller gets mutable access to the object this class holds.
     * NOTE(review): ownership presumably stays with WvCRL and the caller
     * must not free the result -- confirm.
     */
55  X509_CRL *getcrl()
56  { return crl; }
57 
    /**
     * Check the CRL in crl against the CA certificate in cacert.
     * Presumably this is the signature check -- TODO confirm.
     */
62  bool signedbyca(const WvX509 &cacert) const;
63 
    /**
     * Check the issuer name of the CRL in crl against the CA certificate in
     * cacert. As documented this compares the issuer name only; it is a
     * separate check from signedbyca(), and validate() combines both.
     */
68  bool issuedbyca(const WvX509 &cacert) const;
69 
    /** Checks to see if the CRL is expired. */
75  bool expired() const;
76 
77  /*
78  * Checks to see if the CRL has any critical extensions in it.
79  * - returns true if the CRL has any critical extensions.
80  */
81  bool has_critical_extensions() const;
82 
    /**
     * Type for the validate() method. CRLERROR (-1) reports an error; VALID
     * follows it and therefore has the value 0.
     * Because VALID is 0, a validate() result tested as a boolean reads as
     * false on success and true on every failure: always compare explicitly
     * with WvCRL::VALID.
     * The remaining values presumably map to the issuedbyca(), signedbyca(),
     * expired() and has_critical_extensions() checks -- TODO confirm.
     */
91  enum Valid { CRLERROR = -1, VALID, NOT_THIS_CA, NO_VALID_SIGNATURE,
92  EXPIRED, UNHANDLED_CRITICAL_EXTENSIONS };
93 
    /**
     * Checks to see that a CRL is signed and issued by a CA certificate, and
     * that it has not expired. Returns a Valid code; see the note on Valid
     * about comparing the result with VALID rather than testing truthiness.
     */
100  Valid validate(const WvX509 &cacert) const;
101 
    /** Get the Authority key Info. */
105  WvString get_aki() const;
106 
    /** Get the CRL Issuer. */
110  WvString get_issuer() const;
111 
    /** Do we have any errors... */
115  bool isok() const;
116 
    /**
     * Return the information requested by mode as a WvString.
     * The second overload presumably writes the same data into buf instead.
     */
120  WvString encode(const DumpMode mode) const;
121  void encode(const DumpMode mode, WvBuf &buf) const;
122 
    /**
     * Load the information from the format requested by mode into the
     * class - this overwrites the CRL.
     * Both overloads return void, so a parse failure is not reported through
     * the return value; presumably isok() reflects it -- TODO confirm.
     * NOTE(review): nothing in this declaration indicates that decode()
     * verifies the CRL. Call validate() against a trusted CA certificate
     * before relying on isrevoked() for data from an untrusted source.
     */
127  void decode(const DumpMode mode, WvStringParm encoded);
128  void decode(const DumpMode mode, WvBuf &encoded);
129 
    /**
     * Is the certificate in cert revoked? The second overload takes the
     * serial number as a string.
     * NOTE(review): the expected serial_number format (hex or decimal) and
     * the result for a null or unvalidated CRL are not visible in this
     * header. A false result from an unloaded CRL must not be read as
     * "not revoked" -- confirm the behaviour in wvcrl.cc.
     */
133  bool isrevoked(const WvX509 &cert) const;
134  bool isrevoked(WvStringParm serial_number) const;
135 
    /** Add the certificate specified by cert to the CRL. */
139  void addcert(const WvX509 &cert);
140 
    /** Counts the number of certificates in this CRL. */
146  int numcerts() const;
147 
148 private:
    // mutable, presumably so that the const methods above can still log.
149  mutable WvLog debug;
    // Raw pointer to the OpenSSL CRL structure; handed out as-is by getcrl().
150  X509_CRL *crl;
151 };
152 
153 #endif // __WVCRL_H
WvCRL::Valid
Valid
Return type of the validate() method: CRLERROR = an error occurred.
Definition: wvcrl.h:91
WvCRL::signedbyca
bool signedbyca(const WvX509 &cacert) const
Check the CRL in crl against the CA certificate in cacert.
Definition: wvcrl.cc:95
WvCRL::DumpMode
DumpMode
Type for the encode() and decode() methods: CRLPEM = PEM Encoded X.509 CRL CRLDER = DER Encoded X....
Definition: wvcrl.h:38
WvX509
X509 Class to handle certificates and their related functions.
Definition: wvx509.h:41
WvCRL::issuedbyca
bool issuedbyca(const WvX509 &cacert) const
Check the issuer name of the CRL in crl against the CA certificate in cacert.
Definition: wvcrl.cc:117
WvCRL::getcrl
X509_CRL * getcrl()
Accessor for CRL.
Definition: wvcrl.h:55
WvCRL::~WvCRL
virtual ~WvCRL()
Destructor.
Definition: wvcrl.cc:81
WvCRL::encode
WvString encode(const DumpMode mode) const
Return the information requested by mode as a WvString.
Definition: wvcrl.cc:197
WvString
WvString is an implementation of a simple and efficient printable-string class.
Definition: wvstring.h:329
WvCRL::validate
Valid validate(const WvX509 &cacert) const
Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired.
Definition: wvcrl.cc:387
WvLog
A WvLog stream accepts log messages from applications and forwards them to all registered WvLogRcv's.
Definition: wvlog.h:56
WvCRL
CRL Class to handle certificate revocation lists and their related functions.
Definition: wvcrl.h:28
WvCRL::isrevoked
bool isrevoked(const WvX509 &cert) const
Is the certificate in cert revoked?
Definition: wvcrl.cc:333
WvCRL::addcert
void addcert(const WvX509 &cert)
Add the certificate specified by cert to the CRL.
Definition: wvcrl.cc:424
WvBufBase< unsigned char >
Specialization of WvBufBase for unsigned char type buffers intended for use with raw memory buffers.
Definition: wvbuf.h:22
WvX509Mgr
Definition: wvx509mgr.h:14
WvCRL::get_aki
WvString get_aki() const
Get the Authority key Info.
Definition: wvcrl.cc:160
WvCRL::get_issuer
WvString get_issuer() const
Get the CRL Issuer.
Definition: wvcrl.cc:185
WvCRL::decode
void decode(const DumpMode mode, WvStringParm encoded)
Load the information from the format requested by mode into the class - this overwrites the CRL.
Definition: wvcrl.cc:240
WvCRL::WvCRL
WvCRL()
Initialize a blank (null) CRL object.
Definition: wvcrl.cc:40
WvCRL::numcerts
int numcerts() const
Counts the number of certificates in this CRL.
Definition: wvcrl.cc:409
WvCRL::expired
bool expired() const
Checks to see if the CRL is expired.
Definition: wvcrl.cc:136
WvCRL::isok
bool isok() const
Do we have any errors...
Definition: wvcrl.cc:89