wvx509.h

00001 /* -*- Mode: C++ -*-
00002  * Worldvisions Weaver Software:
00003  *   Copyright (C) 1997-2004 Net Integration Technologies, Inc.
00004  *
00005  * X.509 certificate management classes.
00006  */ 
00007 #ifndef __WVX509_H
00008 #define __WVX509_H
00009 
00010 #include "wvlog.h"
00011 #include "wverror.h"
00012 #include "wvstringlist.h"
00013 
// Forward declarations of the OpenSSL types used in this interface, so that
// callers of this header do not have to pull in x509v3.h.
// NOTE(review): these typedefs must match OpenSSL's own exactly; a translation
// unit that includes both this header and the OpenSSL headers would otherwise
// get conflicting typedefs (identical redeclarations are accepted in C++).
struct x509_st;
typedef struct x509_st X509;
struct ssl_ctx_st;
typedef struct ssl_ctx_st SSL_CTX;
struct X509_crl_st;
typedef struct X509_crl_st X509_CRL;

struct X509_name_st;
typedef struct X509_name_st X509_NAME;

struct asn1_string_st;
typedef struct asn1_string_st ASN1_TIME;

// Project classes referenced by pointer/reference only.
class WvRSAKey;
class WvCRLMgr;

// workaround for the fact that OpenSSL initialization stuff must be called
// only once.
// NOTE(review): nothing here shows how "only once" is enforced (counter,
// flag, lock) or whether these are safe to call from multiple threads;
// confirm in the implementation before calling wvssl_init()/wvssl_free()
// from more than one thread or more than one place.
void wvssl_init();
void wvssl_free();
// Returns a printable description of the most recent OpenSSL error
// (presumably drained from OpenSSL's error queue -- verify in the .cc).
WvString wvssl_errstr();
00036 
00037 
/**
 * Wrapper around one OpenSSL X509 certificate plus (optionally) the matching
 * RSA key.  Offers creation (self-signed or CSR based), signing of requests,
 * certificates and CRLs, validation against a CA and/or CRL, PEM/DER/PKCS#12
 * import/export, and accessors for the usual X.509 fields and extensions.
 *
 * Error state is reported through the WvError base class (isok()/errstr()/
 * geterr()); most setters and I/O methods return void, so callers must check
 * isok() after them rather than rely on a return value.
 *
 * Instances are not copyable (the copy constructor is private and, as far as
 * this header shows, never defined).
 */
class WvX509Mgr : public WvError, public IObject
{
    // Project-provided boilerplate for the IObject interface.
    IMPLEMENT_IOBJECT(WvX509Mgr);
public:
    /**
     * Encodings accepted by encode()/decode().  The Cert* values select the
     * certificate, the Rsa* values the private/public key material; what
     * "RsaRaw" is byte-for-byte is not visible here -- see the .cc.
     */
    enum DumpMode { CertPEM = 0, CertDER, RsaPEM, RsaPubPEM, RsaRaw };

    /** Empty manager: no certificate, no key. */
    WvX509Mgr();
    
    
    /**
     * Wrap an existing OpenSSL certificate.
     * NOTE(review): whether this takes ownership of _cert (frees it in the
     * destructor) is not visible in the header -- confirm before passing a
     * certificate you still use elsewhere.
     */
    WvX509Mgr(X509 *_cert);

    /**
     * Build from a certificate and RSA key, both in the hex encoding produced
     * by hexify() / WvRSAKey's equivalent (presumably; verify against
     * unhexify()).
     */
    WvX509Mgr(WvStringParm hexcert, WvStringParm hexrsa);

    /**
     * Start a new certificate for distinguished name _dname using the given
     * RSA key.  Ownership of _rsa is not stated here; see set_rsakey(), which
     * does take ownership -- confirm this constructor behaves the same way.
     */
    WvX509Mgr(WvStringParm _dname, WvRSAKey *_rsa);
    
    /**
     * Start a new certificate for _dname, generating a fresh RSA key of
     * (presumably) 'bits' bits.
     */
    WvX509Mgr(WvStringParm _dname, int bits);

private:
    /** Copying is disabled: declared but (presumably) never defined. */
    WvX509Mgr(const WvX509Mgr &mgr);

public:
    virtual ~WvX509Mgr();
    
    /**
     * Install this certificate and key into an SSL_CTX.
     * @return false on failure (details via errstr()).
     */
    bool bind_ssl(SSL_CTX *ctx);
 
    /** The RSA key held by this object (not a const method). */
    const WvRSAKey &get_rsa();
    
    /**
     * Raw access to the underlying OpenSSL certificate.  The pointer refers
     * to this object's own member; the caller must not free it and must not
     * use it after this object is destroyed.
     */
    X509 *get_cert() const { return cert; }

    /** Replace the public key recorded in the certificate. */
    void set_pubkey(WvRSAKey *rsa_pubkey);
    
    /**
     * Sign this certificate with its own key.  With is_ca set the result is
     * presumably given CA basic constraints; check the .cc for exactly which
     * extensions are written, since that decides what the cert can sign.
     */
    void create_selfsigned(bool is_ca = false);

    /** Produce a PKCS#10 certificate request for this cert/key. */
    WvString certreq();
    

    /**
     * Act as a CA: sign the given PKCS#10 request with this object's key and
     * return the resulting certificate.
     * NOTE(review): the header gives no hint of which requested fields or
     * extensions are honoured; a CA caller should confirm that the request
     * cannot ask for CA=true or arbitrary key usages and have them copied.
     */
    WvString signreq(WvStringParm pkcs10req);

    /**
     * Act as a CA: sign an already-built certificate.
     * Style: the parameter name shadows the 'cert' member; harmless in a
     * declaration but confusing to read.
     * @return false on failure.
     */
    bool signcert(X509 *cert);
    

    /** Sign a CRL managed by crl with this object's key; false on failure. */
    bool signcrl(WvCRLMgr *crl);


    /**
     * Self-consistency check of this object (presumably: certificate present,
     * key present and matching).  Exact checks are not visible here.
     */
    bool test();

    /** Load the certificate from the hex encoding produced by hexify(). */
    void unhexify(WvStringParm encodedcert);
    
    /** Hex encoding of the certificate (inverse of unhexify()). */
    WvString hexify();

    /**
     * Validate this certificate, optionally against an issuing CA and a CRL.
     * NOTE(review): both arguments default to NULL.  What is still checked
     * in that case (dates? self-signature? nothing?) cannot be seen here;
     * callers that rely on validate() for trust decisions should pass the CA
     * explicitly and confirm that a NULL cacert does not turn this into a
     * pass-through.
     */
    bool validate(WvX509Mgr *cacert = NULL, X509_CRL *crl = NULL);

    /**
     * True if some certificate in the directory certdir issued this one.
     * NOTE(review): "signed by" is presumably a signature check only; expiry
     * and revocation are the job of validate() -- confirm before treating a
     * true result as "trusted".
     */
    bool signedbyCAindir(WvStringParm certdir);
   
    /** As signedbyCAindir(), but with a single certificate file. */
    bool signedbyCAinfile(WvStringParm certfile);

    /** As signedbyCAindir(), but with an in-memory CA. */
    bool signedbyCA(WvX509Mgr *cacert);

    /**
     * Sign arbitrary data with this object's private key and return the
     * signature as a string (encoding not stated here; must match verify()).
     */
    WvString sign(WvBuf &data);
    WvString sign(WvStringParm data);
        
    /**
     * Check a signature produced by sign() over 'original' using this
     * certificate's public key.  @return true only if it verifies.
     */
    bool verify(WvBuf &original, WvStringParm signature);
    bool verify(WvStringParm original, WvStringParm signature);
    
    /** Export the certificate or key in the encoding selected by mode. */
    WvString encode(const DumpMode mode);

    /** Import certificate or key material written by encode() in 'mode'. */
    void decode(const DumpMode mode, WvStringParm PemEncoded);

    /**
     * Write certificate and key to a PKCS#12 file, protected by the
     * password given to setPkcs12Password().
     */
    void write_p12(WvStringParm filename);
    
    /** Load certificate and key from a PKCS#12 file (see write_p12()). */
    void read_p12(WvStringParm filename);

    /**
     * Set the password used by write_p12()/read_p12().  The value is kept in
     * an ordinary WvString member for the lifetime of the object; nothing
     * visible here wipes it, so treat the object as holding a secret.
     */
    void setPkcs12Password(WvStringParm passwd)
        { pkcs12pass = passwd; }

    /** Issuer DN as a string / set it. */
    WvString get_issuer();
    void set_issuer(WvStringParm name);
    
    /** Subject DN as a string / set it (from a string or an X509_NAME). */
    WvString get_subject();
    void set_subject(WvStringParm name);
    void set_subject(X509_NAME *name);
    /**
     * Serial number as a string / set it.
     * NOTE(review): the setter takes a 'long', so serials are limited to the
     * platform word size; a CA that needs unpredictable serials should check
     * how the .cc chooses them when this is never called.
     */
    WvString get_serial();
    void set_serial(long serial_no);

    /** Netscape comment extension. */
    WvString get_nscomment();
    void set_nscomment(WvStringParm comment);
    
    /** Netscape server-name extension. */
    WvString get_nsserver();
    void set_nsserver(WvStringParm server_fqdn);
    
    /** CRL distribution point(s), as a string. */
    WvString get_crl_dp();

    /** Set the CRL distribution points from a list of URIs. */
    void set_crl_dp(WvStringList &list);
    
    /** Certificate-policy OID (string form). */
    WvString get_cp_oid();
    
    /** Set the certificate-policy OID and its associated URL. */
    void set_cp_oid(WvStringParm oid, WvStringParm url);


    /** Set the certificate version (takes no argument; the value chosen is in the .cc). */
    void set_version();

    /** Key-usage extension, as a string; set from a string of values. */
    WvString get_key_usage();
    void set_key_usage(WvStringParm values);

    /** Extended-key-usage extension, as a string; set from a string of values. */
    WvString get_ext_key_usage();
    void set_ext_key_usage(WvStringParm values);
    
    /** Subject alternative name extension, as a string. */
    WvString get_altsubject();

    /** Set the subject alternative name. */
    void set_altsubject(WvStringParm name);
    
    /** Basic-constraints extension, as a string / set it. */
    WvString get_constraints();
    void set_constraints(WvStringParm constraint);
    
    /**
     * Validity period bounds as OpenSSL ASN1_TIME.  Presumably these point
     * into the certificate itself, so do not free them -- confirm in the .cc.
     */
    ASN1_TIME *get_notvalid_before();
    ASN1_TIME *get_notvalid_after();
    
    /** Set the validity period to 'seconds' (starting from when is in the .cc). */
    void set_lifetime(long seconds);
    
    /** Authority-information-access extension. */
    void set_aia(WvStringParm identifier);
    WvString get_aia();

    /** Set the distinguished name used when creating/requesting a cert. */
    void set_dname(WvStringParm _dname)
    {   dname = _dname; }

    // Takes ownership..
    // Fixme: Implement RefCounting in WvRSAKey!
    // NOTE(review): this only overwrites the pointer; a key already held by
    // this object is not released here, so if that key was owned it leaks.
    void set_rsakey(WvRSAKey *_rsa)
    {   rsa = _rsa; }

    /** WvError interface: overall health of this object. */
    virtual bool isok() const;

    /** WvError interface: description of the last error. */
    virtual WvString errstr() const;

    /** WvError interface: numeric code of the last error. */
    virtual int geterr() const;

private:
    /** The wrapped OpenSSL certificate (may be NULL before creation/load). */
    X509     *cert;

    /** RSA key pair (or public key only, see set_pubkey()); see set_rsakey() for ownership. */
    WvRSAKey *rsa;
    
    /** Distinguished name used for new certificates/requests. */
    WvString dname;

    WvLog debug;
    
    /** PKCS#12 password set via setPkcs12Password(); held in clear. */
    WvString pkcs12pass;

    /** Generic get/set of an X.509 extension by OpenSSL NID. */
    WvString get_extension(int nid);
    void set_extension(int nid, WvStringParm values);
    
    /** Populate 'dname' from the certificate (presumably the subject). */
    void filldname();

    /** Build a WvRSAKey holding only the certificate's public key. */
    WvRSAKey *fillRSAPubKey();
};
00458 
00459 #endif // __WVX509_H
