WvStreams
wvcrl.h
1 /* -*- Mode: C++ -*-
2  * Worldvisions Weaver Software:
3  * Copyright (C) 1997-2007 Net Integration Technologies, Inc. and others.
4  *
5  * X.509v3 CRL management class.
6  */
7 #ifndef __WVCRL_H
8 #define __WVCRL_H
9 
10 #include "wverror.h"
11 #include "wvlog.h"
12 #include "wvx509.h"
13 
14 // Structures to make the compiler happy so we don't have to include x509v3.h ;)
15 struct X509_crl_st;
16 typedef struct X509_crl_st X509_CRL;
17 struct ssl_ctx_st;
18 typedef struct ssl_ctx_st SSL_CTX;
19 struct asn1_string_st;
20 typedef struct asn1_string_st ASN1_INTEGER;
21 
22 class WvX509Mgr;
23 
28 class WvCRL
29 {
30 public:
38  enum DumpMode { CRLPEM = 0, CRLDER, CRLFilePEM, CRLFileDER };
39 
43  WvCRL();
44 
49  WvCRL(const WvX509Mgr &ca);
50 
52  virtual ~WvCRL();
53 
55  X509_CRL *getcrl()
56  { return crl; }
57 
62  bool signedbyca(const WvX509 &cacert) const;
63 
68  bool issuedbyca(const WvX509 &cacert) const;
69 
75  bool expired() const;
76 
77  /*
78  * Checks to see if the CRL has any critical extensions in it.
79  * - returns true if the CRL has any critical extensions.
80  */
81  bool has_critical_extensions() const;
82 
91  enum Valid { CRLERROR = -1, VALID, NOT_THIS_CA, NO_VALID_SIGNATURE,
92  EXPIRED, UNHANDLED_CRITICAL_EXTENSIONS };
93 
100  Valid validate(const WvX509 &cacert) const;
101 
105  WvString get_aki() const;
106 
110  WvString get_issuer() const;
111 
115  bool isok() const;
116 
120  WvString encode(const DumpMode mode) const;
121  void encode(const DumpMode mode, WvBuf &buf) const;
122 
127  void decode(const DumpMode mode, WvStringParm encoded);
128  void decode(const DumpMode mode, WvBuf &encoded);
129 
133  bool isrevoked(const WvX509 &cert) const;
134  bool isrevoked(WvStringParm serial_number) const;
135 
139  void addcert(const WvX509 &cert);
140 
146  int numcerts() const;
147 
148 private:
149  mutable WvLog debug;
150  X509_CRL *crl;
151 };
152 
153 #endif // __WVCRL_H