WvStreams
CRL Class to handle certificate revocation lists and their related functions. More...
#include <wvcrl.h>
Public Types | |
enum | DumpMode { CRLPEM = 0 , CRLDER , CRLFilePEM , CRLFileDER , CRLPEM = 0 , CRLDER , CRLFilePEM , CRLFileDER } |
Type for the encode() and decode() methods: CRLPEM = PEM Encoded X.509 CRL CRLDER = DER Encoded X.509 CRL CRLFilePEM = PEM Encoded X.509 CRL CRLFileDER = DER Encoded X.509 CRL. More... | |
enum | Valid { CRLERROR = -1 , VALID , NOT_THIS_CA , NO_VALID_SIGNATURE , EXPIRED , UNHANDLED_CRITICAL_EXTENSIONS , CRLERROR = -1 , VALID , NOT_THIS_CA , NO_VALID_SIGNATURE , EXPIRED , UNHANDLED_CRITICAL_EXTENSIONS } |
Type for validate() method: CRLERROR = an error occurred. More... | |
enum | DumpMode { CRLPEM = 0 , CRLDER , CRLFilePEM , CRLFileDER , CRLPEM = 0 , CRLDER , CRLFilePEM , CRLFileDER } |
Type for the encode() and decode() methods: CRLPEM = PEM Encoded X.509 CRL CRLDER = DER Encoded X.509 CRL CRLFilePEM = PEM Encoded X.509 CRL CRLFileDER = DER Encoded X.509 CRL. More... | |
enum | Valid { CRLERROR = -1 , VALID , NOT_THIS_CA , NO_VALID_SIGNATURE , EXPIRED , UNHANDLED_CRITICAL_EXTENSIONS , CRLERROR = -1 , VALID , NOT_THIS_CA , NO_VALID_SIGNATURE , EXPIRED , UNHANDLED_CRITICAL_EXTENSIONS } |
Type for validate() method: CRLERROR = an error occurred. More... | |
Public Member Functions | |
WvCRL () | |
Initialize a blank (null) CRL object. | |
WvCRL (const WvX509Mgr &ca) | |
Initialize a CRL object, signed and created by the certificate 'ca'. | |
virtual | ~WvCRL () |
Destructor. | |
X509_CRL * | getcrl () |
Accessor for CRL. | |
bool | signedbyca (const WvX509 &cacert) const |
Check the CRL in crl against the CA certificate in cert. | |
bool | issuedbyca (const WvX509 &cacert) const |
Check the issuer name of the CRL in crl against the CA certificate in cert. | |
bool | expired () const |
Checks to see if the CRL is expired (i.e.: the present time is past the CRL's nextUpdate time). | |
bool | has_critical_extensions () const |
Valid | validate (const WvX509 &cacert) const |
Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired. | |
WvString | get_aki () const |
Get the Authority Key Identifier (AKI). | |
WvString | get_issuer () const |
Get the CRL Issuer. | |
bool | isok () const |
Do we have any errors... convenience function. | |
WvString | encode (const DumpMode mode) const |
Return the information requested by mode as a WvString. | |
void | encode (const DumpMode mode, WvBuf &buf) const |
void | decode (const DumpMode mode, WvStringParm encoded) |
Load the information from the format requested by mode into the class - this overwrites the CRL. | |
void | decode (const DumpMode mode, WvBuf &encoded) |
bool | isrevoked (const WvX509 &cert) const |
Is the certificate in cert revoked? | |
bool | isrevoked (WvStringParm serial_number) const |
void | addcert (const WvX509 &cert) |
Add the certificate specified by cert to the CRL. | |
int | numcerts () const |
Counts the number of certificates in this CRL. | |
WvCRL () | |
Initialize a blank (null) CRL object. | |
WvCRL (const WvX509Mgr &ca) | |
Initialize a CRL object, signed and created by the certificate 'ca'. | |
virtual | ~WvCRL () |
Destructor. | |
X509_CRL * | getcrl () |
Accessor for CRL. | |
bool | signedbyca (const WvX509 &cacert) const |
Check the CRL in crl against the CA certificate in cert. | |
bool | issuedbyca (const WvX509 &cacert) const |
Check the issuer name of the CRL in crl against the CA certificate in cert. | |
bool | expired () const |
Checks to see if the CRL is expired (i.e.: the present time is past the CRL's nextUpdate time). | |
bool | has_critical_extensions () const |
Valid | validate (const WvX509 &cacert) const |
Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired. | |
WvString | get_aki () const |
Get the Authority Key Identifier (AKI). | |
WvString | get_issuer () const |
Get the CRL Issuer. | |
bool | isok () const |
Do we have any errors... convenience function. | |
WvString | encode (const DumpMode mode) const |
Return the information requested by mode as a WvString. | |
void | encode (const DumpMode mode, WvBuf &buf) const |
void | decode (const DumpMode mode, WvStringParm encoded) |
Load the information from the format requested by mode into the class - this overwrites the CRL. | |
void | decode (const DumpMode mode, WvBuf &encoded) |
bool | isrevoked (const WvX509 &cert) const |
Is the certificate in cert revoked? | |
bool | isrevoked (WvStringParm serial_number) const |
void | addcert (const WvX509 &cert) |
Add the certificate specified by cert to the CRL. | |
int | numcerts () const |
Counts the number of certificates in this CRL. | |
CRL Class to handle certificate revocation lists and their related functions.
Definition at line 28 of file debian/libwvstreams-dev/usr/include/wvstreams/wvcrl.h.
enum WvCRL::DumpMode |
Type for the encode() and decode() methods: CRLPEM = PEM Encoded X.509 CRL CRLDER = DER Encoded X.509 CRL CRLFilePEM = PEM Encoded X.509 CRL CRLFileDER = DER Encoded X.509 CRL.
Definition at line 38 of file debian/libwvstreams-dev/usr/include/wvstreams/wvcrl.h.
enum WvCRL::Valid |
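Type for validate() method:
CRLERROR = an error occurred; VALID = the certificate is valid; NOT_THIS_CA = the certificate is not signed by this CA; NO_VALID_SIGNATURE = the certificate claims to be signed by this CA (Issuer is the same), but the signature is invalid. Although the wording says "certificate", validate() applies these results to the CRL being checked. The enum also contains EXPIRED and UNHANDLED_CRITICAL_EXTENSIONS, which are not described here; only VALID means the CRL passed validate()'s checks.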
Definition at line 91 of file debian/libwvstreams-dev/usr/include/wvstreams/wvcrl.h.
enum WvCRL::DumpMode |
Type for the encode() and decode() methods: CRLPEM = PEM Encoded X.509 CRL CRLDER = DER Encoded X.509 CRL CRLFilePEM = PEM Encoded X.509 CRL CRLFileDER = DER Encoded X.509 CRL.
Definition at line 38 of file include/wvcrl.h.
enum WvCRL::Valid |
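Type for validate() method:
CRLERROR = an error occurred; VALID = the certificate is valid; NOT_THIS_CA = the certificate is not signed by this CA; NO_VALID_SIGNATURE = the certificate claims to be signed by this CA (Issuer is the same), but the signature is invalid. Although the wording says "certificate", validate() applies these results to the CRL being checked. The enum also contains EXPIRED and UNHANDLED_CRITICAL_EXTENSIONS, which are not described here; only VALID means the CRL passed validate()'s checks.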
Definition at line 91 of file include/wvcrl.h.
WvCRL::WvCRL | ( | const WvX509Mgr & | ca | ) |
Initialize a CRL object, signed and created by the certificate 'ca'.
Definition at line 47 of file wvcrl.cc.
References WvX509Mgr::signcrl().
X509_CRL * WvCRL::getcrl | ( | ) | inline |
Accessor for CRL.
Definition at line 55 of file debian/libwvstreams-dev/usr/include/wvstreams/wvcrl.h.
Referenced by WvX509Mgr::signcrl().
bool WvCRL::signedbyca | ( | const WvX509 & | cacert | ) | const |
Check the signature of the CRL held by this object against the CA certificate passed as cacert.
Definition at line 95 of file wvcrl.cc.
References WvX509::get_subject().
Referenced by validate().
bool WvCRL::issuedbyca | ( | const WvX509 & | cacert | ) | const |
Check the issuer name of the CRL held by this object against the CA certificate passed as cacert.
Definition at line 117 of file wvcrl.cc.
References get_issuer(), and WvX509::get_subject().
Referenced by validate().
bool WvCRL::expired | ( | ) | const |
Checks to see if the CRL is expired (i.e.: the present time is past the CRL's nextUpdate time).
Definition at line 136 of file wvcrl.cc.
Referenced by validate().
WvCRL::Valid WvCRL::validate | ( | const WvX509 & | cacert | ) | const |
Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired.
Definition at line 387 of file wvcrl.cc.
References expired(), issuedbyca(), and signedbyca().
WvString WvCRL::get_aki | ( | ) | const |
WvString WvCRL::get_issuer | ( | ) | const |
bool WvCRL::isok | ( | ) | const |
Do we have any errors... convenience function.
Definition at line 89 of file wvcrl.cc.
Referenced by WvX509Mgr::signcrl().
void WvCRL::encode | ( | const DumpMode | mode, |
WvBuf & | buf | ||
) | const |
void WvCRL::decode | ( | const DumpMode | mode, |
WvStringParm | encoded | ||
) |
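Load the information from the format requested by mode into the class - this overwrites the CRL. Nothing on this page indicates that decode() verifies the loaded CRL; use validate() with the issuing CA certificate to check its signature, issuer and expiry.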
Definition at line 240 of file wvcrl.cc.
References WvFastString::cstr(), and decode().
Referenced by decode().
void WvCRL::decode | ( | const DumpMode | mode, |
WvBuf & | encoded | ||
) |
bool WvCRL::isrevoked | ( | const WvX509 & | cert | ) | const |
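Is the certificate in cert revoked? The references listed below do not include validate(), so a caller relying on this answer should first check the CRL itself with validate().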
Definition at line 333 of file wvcrl.cc.
References WvX509::get_serial(), WvX509::get_subject(), and isrevoked().
Referenced by isrevoked().
bool WvCRL::isrevoked | ( | WvStringParm | serial_number | ) | const |
void WvCRL::addcert | ( | const WvX509 & | cert | ) |
Add the certificate specified by cert to the CRL.
Definition at line 424 of file wvcrl.cc.
References WvX509::get_serial(), and WvX509::isok().
int WvCRL::numcerts | ( | ) | const |
X509_CRL * WvCRL::getcrl | ( | ) | inline |
Accessor for CRL.
Definition at line 55 of file include/wvcrl.h.
bool WvCRL::signedbyca | ( | const WvX509 & | cacert | ) | const |
Check the signature of the CRL held by this object against the CA certificate passed as cacert.
bool WvCRL::issuedbyca | ( | const WvX509 & | cacert | ) | const |
Check the issuer name of the CRL held by this object against the CA certificate passed as cacert.
bool WvCRL::expired | ( | ) | const |
Checks to see if the CRL is expired (i.e.: the present time is past the CRL's nextUpdate time).
Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired.
bool WvCRL::isok | ( | ) | const |
Do we have any errors... convenience function.
int WvCRL::numcerts | ( | ) | const |
Counts the number of certificates in this CRL.
WARNING: this method will be very slow and will consume a lot of memory for large CRLs.