15#include "wvstringlist.h"
19typedef struct x509_st X509;
21typedef struct ssl_ctx_st SSL_CTX;
24typedef struct X509_name_st X509_NAME;
27typedef struct asn1_string_st ASN1_TIME;
/**
 * Serialization formats; this page describes DumpMode as the type for the
 * encode() and decode() methods. Enumerators are numbered from CertPEM = 0.
 * NOTE(review): judging by the names, CertFilePEM/CertFileDER presumably make
 * the string argument a file path rather than certificate data -- confirm; if
 * so, that path should only ever come from a trusted source.
 */
56 enum DumpMode { CertPEM = 0, CertDER, CertHex, CertFilePEM, CertFileDER };
/**
 * Hash selector for get_fingerprint(), whose mode parameter defaults to
 * FingerSHA1.
 * NOTE(review): MD5 and SHA-1 both have known collision weaknesses; use these
 * fingerprints for display and lookup, not as the sole basis of a trust
 * decision.
 */
58 enum FprintMode { FingerMD5 = 0, FingerSHA1 };
/**
 * Set the Certificate Issuer of this certificate from the CA certificate
 * cacert.
 * NOTE(review): presumably this copies cacert's subject name into the issuer
 * field; it does not by itself show that cacert signed anything -- confirm
 * against the implementation.
 */
157 void set_issuer(
const WvX509 &cacert);
/**
 * Set the Subject field of the certificate from an OpenSSL X509_NAME.
 * NOTE(review): whether name is copied or retained (and who frees it) is not
 * visible here -- confirm before passing a name with a shorter lifetime.
 */
164 void set_subject(X509_NAME *name);
/**
 * Set the serialNumber field of the certificate to serial_no.
 * NOTE(review): the caller chooses the value; nothing visible here enforces
 * that serial numbers are unique per issuer -- verify at the call sites.
 */
170 void set_serial(
long serial_no);
247 int &inhibit_policy_mapping)
const;
252 int inhibit_policy_mapping);
257 issuer_domain = _issuer_domain;
258 subject_domain = _subject_domain;
/**
 * NOTE(review): presumably declares the PolicyMapList type taken by
 * get_policy_mapping() and set_policy_mapping() -- confirm against the
 * DeclareWvList macro.
 */
263 DeclareWvList(PolicyMap);
/**
 * Return the certificate's "not after" time as a time_t.
 * NOTE(review): the value returned when no certificate is loaded is not
 * visible here -- confirm before comparing it against the current time.
 */
280 time_t get_notvalid_after()
const;
/**
 * Return the certificate extension selected by nid as a WvString.
 * NOTE(review): nid is presumably an OpenSSL NID_* constant, and the result
 * for an absent extension is not visible here -- confirm both.
 */
373 WvString get_extension(
int nid)
const;
/**
 * Set this certificate's Authority Key Info from the CA certificate cacert.
 * NOTE(review): presumably derived from cacert's subject key identifier --
 * confirm against the implementation.
 */
385 void set_aki(
const WvX509 &cacert);
The basic interface which is included by all other XPLC interfaces and objects.
CRL Class to handle certificate revocation lists and their related functions.
A WvFastString acts exactly like a WvString, but can take (const char *) strings without needing to a...
A WvLog stream accepts log messages from applications and forwards them to all registered WvLogRcv's.
An RSA public key or public/private key pair that can be used for encryption.
This is a WvList of WvStrings, and is a really handy way to parse strings.
WvString is an implementation of a simple and efficient printable-string class.
X509 Class to handle certificates and their related functions.
virtual ~WvX509()
Destructor.
WvString get_ski() const
Get the Subject Key Info (the SKI, i.e. the certificate's subjectKeyIdentifier extension).
void set_policy_mapping(PolicyMapList &list)
Set the policy mappings for this certificate.
void set_policies(WvStringList &policy_oids)
Set the Certificate Policy OIDs in the certificate to that of the input array.
time_t get_notvalid_before() const
Return the "not before" and "not after" times in a format that is easier to use (time_t).
virtual WvString errstr() const
Returns an error string if isok() is not true.
bool signedbyca(WvX509 &cacert) const
Check whether the certificate in cert was signed by the CA certificate in cacert.
void set_basic_constraints(bool ca, int pathlen)
Set the values in the basic constraints extension.
WvString get_serial(bool hex=false) const
Get and set the serialNumber field of the certificate.
WvString get_aki() const
Get the Authority Key Info (the AKI, i.e. the certificate's authorityKeyIdentifier extension).
WvX509(const WvX509 &x509)
Copy Constructor.
void get_ocsp(WvStringList &responders) const
Get a list of OCSP Responders for this certificate.
void get_ca_urls(WvStringList &urls) const
Get a list of urls that have the Certificate of the CA that issued this certificate.
WvX509()
Initialize a completely empty X509 Object with an X509 certificate that doesn't have anything in it....
bool get_policy_mapping(PolicyMapList &list) const
Get the policy mappings for this certificate.
void set_crl_urls(WvStringList &urls)
Set the list of URLs that are valid CRL distribution points for this certificate.
virtual bool isok() const
Is the certificate object valid?
void set_version()
Set the Certificate to use X509v3, since that's all modern PKI uses anyways :)
WvString get_ext_key_usage() const
Get and set the extendedKeyUsage field.
bool get_policies(WvStringList &policy_oids) const
Get any certificate Policy OIDs.
WvX509(X509 *_cert)
Initialize a blank X509 Object with the certificate *cert (used for client side operations....
WvString get_subject() const
Get and set the Subject field of the certificate.
X509 * get_cert()
Allow us to access the certificate member - this will be going away eventually, but for now,...
bool validate(WvX509 *cacert=NULL) const
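Function to verify the validity of a certificate that has been placed in cert. Which checks run when cacert is left at its default of NULL is not stated here; confirm against the implementation before treating a true result as proof of a trusted chain.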
bool get_policy_constraints(int &require_explicit_policy, int &inhibit_policy_mapping) const
Get the values in the policy constraints extension.
bool get_basic_constraints(bool &ca, int &pathlen) const
Get the values in the basic constraints extension.
WvString get_fingerprint(const FprintMode mode=FingerSHA1) const
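Get the certHash (fingerprint) of the certificate. The two available modes, FingerMD5 and FingerSHA1, both use hash functions with known collision weaknesses, so treat the result as a display identifier rather than as the sole basis of a trust decision.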
DumpMode
Type for the encode() and decode() methods.
bool issuedbyca(WvX509 &cacert) const
Check to see if the certificate in cert was issued by the CA certificate in cacert.
WvString get_crl_dp() const
Get the CRL Distribution Points if they exist, or WvString::null if they don't.
void set_lifetime(long seconds)
Set the lifetime to be used for this certificate... the lifetime starts from the minute that the cert...
void set_pubkey(WvRSAKey &rsa_pubkey)
Set the public key of the certificate to the public key rsa_pubkey.
virtual void decode(const DumpMode mode, WvStringParm str)
Load the information from the format requested by mode into the class - this overwrites the certifica...
virtual void decode(const DumpMode mode, WvStringParm str)
Load the information from the format requested by mode into the class - this overwrites the certifica...
static WvString certreq(WvStringParm subject, const WvRSAKey &rsa)
Create a certificate request (PKCS#10) using this function.
bool operator!() const
The not operator returns true if !isok()
void set_policy_constraints(int require_explicit_policy, int inhibit_policy_mapping)
Set the values in the policy constraints extension.
WvString get_issuer() const
Get and set the Certificate Issuer (usually the CA who signed the certificate).
WvString get_aia() const
Get the authority info access information.
WvString get_altsubject() const
Return the Subject alt name if it exists, and WvString::null if it doesn't.
bool verify(WvBuf &original, WvStringParm signature) const
Verify that the contents of original were signed by the certificate currently in cert.
void set_altsubject(WvStringParm name)
Set the Subject Alt Name.
WvString get_key_usage() const
Get and set the keyUsage field.
WvString encode(const DumpMode mode) const
Return the information requested by mode.
void get_crl_urls(WvStringList &urls) const
Get a list of URLs that are valid CRL distribution points for this certificate.
void set_aia(WvStringList &ca_urls, WvStringList &responders)
Set a list of urls that have the Certificate of the CA that issued this certificate,...
WvString get_nscomment() const
Get and set the Netscape Comment extension.
WvString get_nsserver() const
Get and set the Netscape SSL Server extension.
#define IMPLEMENT_IOBJECT(component)
Helper macro to implement the IObject methods automatically.