15 #include "wvstringlist.h"
19 typedef struct x509_st X509;
21 typedef struct ssl_ctx_st SSL_CTX;
24 typedef struct X509_name_st X509_NAME;
26 struct asn1_string_st;
27 typedef struct asn1_string_st ASN1_TIME;
/** Selects the format handled by the encode() and decode() methods.
 *  NOTE(review): the enumerator names suggest PEM, DER and hex string encodings plus PEM/DER files - confirm against the implementation. */
56 enum DumpMode { CertPEM = 0, CertDER, CertHex, CertFilePEM, CertFileDER };
/** Digest selector for get_fingerprint(), whose default is FingerSHA1.
 *  MD5 is not collision resistant; avoid FingerMD5 where a fingerprint comparison decides trust. */
58 enum FprintMode { FingerMD5 = 0, FingerSHA1 };
/** Verify that the contents of original were signed by the certificate currently held by this object; signature is the signature to check.
 *  NOTE(review): presumably returns true only when the signature matches - confirm, and make sure callers never ignore the result.
 *  NOTE(review): this looks like a signature check only; trust in the certificate itself appears to be the job of validate() and signedbyca() - confirm. */
135 bool verify(
WvBuf &original, WvStringParm signature)
const;
136 bool verify(WvStringParm original, WvStringParm signature)
const;
/** Set the certificate issuer (usually the CA who signed the certificate), from a name string or from a CA certificate.
 *  NOTE(review): the WvX509 overload presumably takes the issuer name from cacert's subject - confirm. */
156 void set_issuer(WvStringParm name);
157 void set_issuer(
const WvX509 &cacert);
/** Set the Subject field of the certificate, from a string or from an existing X509_NAME.
 *  NOTE(review): whether the X509_NAME is copied or retained is not visible here - confirm ownership. */
163 void set_subject(WvStringParm name);
164 void set_subject(X509_NAME *name);
/** Set the serialNumber field of the certificate to serial_no. */
170 void set_serial(
long serial_no);
/** Set the Netscape Comment extension. */
176 void set_nscomment(WvStringParm comment);
/** Set the Netscape SSL Server extension. */
182 void set_nsserver(WvStringParm server_fqdn);
/** Set the keyUsage field.
 *  NOTE(review): the expected syntax of values is not shown here - confirm before passing caller-supplied text. */
212 void set_key_usage(WvStringParm values);
/** Set the extendedKeyUsage field.
 *  NOTE(review): the expected syntax of values is not shown here - confirm before passing caller-supplied text. */
218 void set_ext_key_usage(WvStringParm values);
247 int &inhibit_policy_mapping)
const;
252 int inhibit_policy_mapping);
255 PolicyMap(WvStringParm _issuer_domain, WvStringParm _subject_domain)
257 issuer_domain = _issuer_domain;
258 subject_domain = _subject_domain;
/** Return the certificate's not-after time as a time_t. */
280 time_t get_notvalid_after()
const;
/** Is the certificate object valid? errstr() returns an error string when it is not.
 *  NOTE(review): this appears to report the state of the object only; validate() is the documented validity check, so do not treat isok() as a trust decision without confirming. */
345 virtual bool isok()
const;
/** Read or write a single certificate extension selected by nid.
 *  NOTE(review): nid is presumably an OpenSSL NID and values presumably uses the textual extension syntax - confirm against the implementation. */
373 WvString get_extension(
int nid)
const;
374 void set_extension(
int nid, WvStringParm values);
/** Set the Authority key Info of this certificate from the CA certificate cacert.
 *  NOTE(review): presumably derived from cacert's subject key info (see get_ski()) - confirm. */
385 void set_aki(
const WvX509 &cacert);
391 void warningset(WvStringParm var);
time_t get_notvalid_before() const
Return the not-before and not-after times of the certificate as time_t values, a format that is easier to work with.
void set_lifetime(long seconds)
Set the lifetime to be used for this certificate...
WvString get_ski() const
Get the Subject Key Info.
bool verify(WvBuf &original, WvStringParm signature) const
Verify that the contents of original were signed by the certificate currently in cert, using signature as the signature to check.
void set_altsubject(WvStringParm name)
Set the Subject Alt Name.
WvString get_fingerprint(const FprintMode mode=FingerSHA1) const
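Get the certHash (fingerprint) of the certificate; mode selects FingerMD5 or FingerSHA1 (the default). MD5 is not collision resistant, so prefer FingerSHA1 when the fingerprint is compared to make a trust decision.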
bool get_policy_mapping(PolicyMapList &list) const
Get the policy mappings for this certificate.
bool get_basic_constraints(bool &ca, int &pathlen) const
Get the values in the basic constraints extension.
void set_basic_constraints(bool ca, int pathlen)
Set the values in the basic constraints extension.
X509 Class to handle certificates and their related functions.
virtual void decode(const DumpMode mode, WvStringParm str)
Load the information from the format requested by mode into the class - this overwrites the certifica...
void set_policies(WvStringList &policy_oids)
Set the Certificate Policy OIDs in the certificate to that of the input array.
DumpMode
Type for the encode() and decode() methods.
static WvString certreq(WvStringParm subject, const WvRSAKey &rsa)
Create a certificate request (PKCS#10) using this function.
bool get_policy_constraints(int &require_explicit_policy, int &inhibit_policy_mapping) const
Get the values in the policy constraints extension.
WvString get_altsubject() const
Return the Subject alt name if it exists, and WvString::null if it doesn't.
X509 * get_cert()
Allow us to access the certificate member - this will be going away eventually, but for now,...
bool signedbyca(WvX509 &cacert) const
Check the certificate in cert against the CA certificate in cacert.
void set_policy_mapping(PolicyMapList &list)
Set the policy mappings for this certificate.
void get_ocsp(WvStringList &responders) const
Get a list of OCSP Responders for this certificate.
WvString get_nsserver() const
get and set the Netscape SSL Server extension
WvString get_ext_key_usage() const
Get and set the extendedKeyUsage field.
bool validate(WvX509 *cacert=NULL) const
Function to verify the validity of a certificate that has been placed in cert.
virtual bool isok() const
Is the certificate object valid?
virtual WvString errstr() const
Returns an error string if isok() is not true.
WvString get_aia() const
Get the authority info access information.
An RSA public key or public/private key pair that can be used for encryption.
WvString is an implementation of a simple and efficient printable-string class.
A WvLog stream accepts log messages from applications and forwards them to all registered WvLogRcv's.
CRL Class to handle certificate revocation lists and their related functions.
void set_pubkey(WvRSAKey &rsa_pubkey)
Set the public key of the certificate to the public key rsa_pubkey.
void set_version()
Set the Certificate to use X509v3, since that's all modern PKI uses anyways :)
virtual ~WvX509()
Destructor.
WvX509()
Initialize a completely empty X509 Object with an X509 certificate that doesn't have anything in it....
Specialization of WvBufBase for unsigned char type buffers intended for use with raw memory buffers.
WvString get_serial(bool hex=false) const
get and set the serialNumber field of the certificate
void get_crl_urls(WvStringList &urls) const
Get a list of URLs that are valid CRL distribution points for this certificate.
WvString get_issuer() const
Get and set the Certificate Issuer (usually the CA who signed the certificate).
WvString get_nscomment() const
get and set the Netscape Comment extension
bool issuedbyca(WvX509 &cacert) const
Check to see if the certificate in cert was issued by the CA certificate in cacert.
bool get_policies(WvStringList &policy_oids) const
Get any certificate Policy OIDs.
WvString get_aki() const
Get the Authority key Info.
WvString get_crl_dp() const
get the CRL Distribution points if they exist, WvString::null if they don't.
bool operator!() const
The not operator returns true if !isok()
This is a WvList of WvStrings, and is a really handy way to parse strings.
WvString get_subject() const
get and set the Subject field of the certificate
WvString get_key_usage() const
Get and set the keyUsage field.
void set_policy_constraints(int require_explicit_policy, int inhibit_policy_mapping)
Set the values in the policy constraints extension.
void get_ca_urls(WvStringList &urls) const
Get a list of urls that have the Certificate of the CA that issued this certificate.
void set_crl_urls(WvStringList &urls)
Set the list of URLs that are valid CRL distribution points for this certificate.
void set_aia(WvStringList &ca_urls, WvStringList &responders)
Set a list of urls that have the Certificate of the CA that issued this certificate,...
WvString encode(const DumpMode mode) const
Return the information requested by mode.