WvStreams
|
CRL Class to handle certificate revocation lists and their related functions. More...
#include <wvcrl.h>
Public Types | |
enum | DumpMode { CRLPEM = 0, CRLDER, CRLFilePEM, CRLFileDER } |
Type for the encode() and decode() methods: CRLPEM = PEM Encoded X.509 CRL CRLDER = DER Encoded X.509 CRL CRLFilePEM = PEM Encoded X.509 CRL CRLFileDER = DER Encoded X.509 CRL. | |
enum | Valid { CRLERROR = -1, VALID, NOT_THIS_CA, NO_VALID_SIGNATURE, EXPIRED, UNHANDLED_CRITICAL_EXTENSIONS } |
Type for validate() method: ERROR = there was an error that happened. More... | |
Public Member Functions | |
WvCRL () | |
Initialize a blank (null) CRL object. | |
WvCRL (const WvX509Mgr &ca) | |
Initialize a CRL object, signed and created by the certificate 'ca'. | |
virtual | ~WvCRL () |
Destructor. | |
X509_CRL * | getcrl () |
Accessor for CRL. | |
bool | signedbyca (const WvX509 &cacert) const |
Check the CRL in crl against the CA certificate in cert. More... | |
bool | issuedbyca (const WvX509 &cacert) const |
Check the issuer name of the CRL in crl against the CA certificate in cert. More... | |
bool | expired () const |
Checks to see if the CRL is expired (i.e. More... | |
bool | has_critical_extensions () const |
Valid | validate (const WvX509 &cacert) const |
Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired. More... | |
WvString | get_aki () const |
Get the Authority key Info. | |
WvString | get_issuer () const |
Get the CRL Issuer. | |
bool | isok () const |
Do we have any errors... More... | |
WvString | encode (const DumpMode mode) const |
Return the information requested by mode as a WvString. | |
void | encode (const DumpMode mode, WvBuf &buf) const |
void | decode (const DumpMode mode, WvStringParm encoded) |
Load the information from the format requested by mode into the class - this overwrites the CRL. | |
void | decode (const DumpMode mode, WvBuf &encoded) |
bool | isrevoked (const WvX509 &cert) const |
Is the certificate in cert revoked? | |
bool | isrevoked (WvStringParm serial_number) const |
void | addcert (const WvX509 &cert) |
Add the certificate specified by cert to the CRL. | |
int | numcerts () const |
Counts the number of certificates in this CRL. More... | |
CRL Class to handle certificate revocation lists and their related functions.
enum WvCRL::Valid |
Type for validate() method: ERROR = there was an error that happened.
VALID = the certificate is valid NOT_THIS_CA = the certificate is not signed by this CA NO_VALID_SIGNATURE = the certificate claims to be signed by this CA (Issuer is the same), but the signature is invalid.
bool WvCRL::signedbyca | ( | const WvX509 & | cacert | ) | const |
Check the CRL in crl against the CA certificate in cert.
Definition at line 95 of file wvcrl.cc.
References WvX509::get_subject().
Referenced by validate().
bool WvCRL::issuedbyca | ( | const WvX509 & | cacert | ) | const |
Check the issuer name of the CRL in crl against the CA certificate in cert.
Definition at line 117 of file wvcrl.cc.
References get_issuer(), and WvX509::get_subject().
Referenced by validate().
bool WvCRL::expired | ( | ) | const |
Checks to see if the CRL is expired (i.e.
: the present time is past the nextUpdate extension).
Definition at line 136 of file wvcrl.cc.
Referenced by validate().
WvCRL::Valid WvCRL::validate | ( | const WvX509 & | cacert | ) | const |
Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired.
Definition at line 387 of file wvcrl.cc.
References expired(), issuedbyca(), and signedbyca().
bool WvCRL::isok | ( | ) | const |
Do we have any errors...
convenience function..
Definition at line 89 of file wvcrl.cc.
Referenced by WvX509Mgr::signcrl().
int WvCRL::numcerts | ( | ) | const |