00007 #ifndef __WVX509_H
00008 #define __WVX509_H
00010 #include "wvlog.h"
00011 #include "wverror.h"
00012 #include "wvrsa.h"
00013 #include "wvstringlist.h"
// Opaque forward declarations of the OpenSSL types this class works with,
// so that including this header does not require the OpenSSL headers.
// The struct tags and typedef names must match OpenSSL's own exactly; a
// translation unit that also includes <openssl/x509.h> relies on C++
// accepting the repeated identical typedefs.
struct x509_st;
typedef struct x509_st X509;
struct ssl_ctx_st;
typedef struct ssl_ctx_st SSL_CTX;

struct X509_name_st;
typedef struct X509_name_st X509_NAME;

// ASN1_TIME is not used by any declaration below; it is presumably kept for
// consumers of this header (e.g. the CRL/manager classes) — TODO confirm.
struct asn1_string_st;
typedef struct asn1_string_st ASN1_TIME;




// Library-wide SSL setup/teardown. NOTE(review): these presumably initialise
// and release global OpenSSL state (error strings, algorithms) and so are not
// safe to call concurrently — confirm in the implementation.
void wvssl_init();
void wvssl_free();

// Human-readable description of the most recent SSL-layer error, presumably
// drained from OpenSSL's error queue — confirm in the implementation.
WvString wvssl_errstr();
/**
 * Wrapper around a single OpenSSL X509 certificate.
 *
 * The object owns one `X509 *` (see `cert` below) and exposes accessors for
 * the standard and Netscape/PKIX extensions, encode/decode to the formats in
 * DumpMode, and a small set of trust checks (validate, signedbyca, issuedbyca,
 * verify). Copying is disabled by a private copy constructor (see the note
 * there). Failures are reported through isok()/errstr() rather than exceptions.
 */
class WvX509 : public IObject
{
    IMPLEMENT_IOBJECT(WvX509);
public:
    /**
     * Serialisation formats understood by encode()/decode().
     *
     * Cert* variants presumably operate on the certificate bytes themselves;
     * CertFile* variants presumably treat the string as a file path and
     * read/write the file in the named format — confirm in the implementation.
     */
    enum DumpMode { CertPEM = 0, CertDER, CertHex, CertFilePEM, CertFileDER };

    /** Create an empty object holding no certificate. */
    WvX509();

    /**
     * Wrap an existing OpenSSL certificate.
     *
     * NOTE(review): ownership of `_cert` is not visible from the header;
     * presumably the object takes ownership and frees it in the destructor,
     * so the caller must not free it as well — confirm in wvx509.cc.
     */
    WvX509(X509 *_cert);

private:
    /**
     * Copying is intentionally disabled: two objects sharing one `cert`
     * pointer would free it twice.
     *
     * NOTE(review): the copy-assignment operator is not declared here, so a
     * compiler-generated `operator=` that shallow-copies `cert` still exists.
     * Consider declaring a private `WvX509 &operator=(const WvX509 &);` too.
     */
    WvX509(const WvX509 &x509);

public:
    /** Releases the wrapped certificate (assumed; see the X509 * ctor note). */
    virtual ~WvX509();

    /**
     * Raw access to the underlying OpenSSL handle.
     *
     * The pointer is presumably still owned by this object: do not free it,
     * and do not use it after this object is destroyed. May be NULL when no
     * certificate has been loaded.
     */
    X509 *get_cert() { return cert; }

    /** Install `rsa_pubkey` as the certificate's subject public key. */
    void set_pubkey(WvRSAKey &rsa_pubkey);

    /**
     * Build a certificate signing request for `subject` using the key `rsa`.
     *
     * @return the request, presumably PEM-encoded — confirm in the
     *         implementation. Being static, this does not touch `cert`.
     */
    static WvString certreq(WvStringParm subject, const WvRSAKey &rsa);

    /**
     * Check the certificate, optionally against the CA certificate `cacert`.
     *
     * NOTE(review): with `cacert == NULL` the header does not say what is
     * checked (e.g. only the validity window, or nothing chain-related).
     * Confirm in the implementation before relying on a NULL-CA call for a
     * trust decision.
     */
    bool validate(WvX509 *cacert = NULL) const;

    /** True if this certificate's signature verifies under `cacert`'s key
     *  (presumed from the name — confirm). */
    bool signedbyca(WvX509 &cacert) const;

    /**
     * True if `cacert` is this certificate's issuer.
     *
     * NOTE(review): presumably a name/identifier comparison rather than a
     * signature check; use signedbyca() when cryptographic proof is needed —
     * confirm in the implementation.
     */
    bool issuedbyca(WvX509 &cacert) const;

    /**
     * Verify `signature` over `original` with this certificate's public key.
     *
     * The encoding expected for `signature` (hex, base64, raw) is not visible
     * here — confirm in the implementation.
     */
    bool verify(WvBuf &original, WvStringParm signature) const;
    bool verify(WvStringParm original, WvStringParm signature) const;

    /** Serialise the certificate in the given DumpMode, as a string or into
     *  `buf`. */
    WvString encode(const DumpMode mode) const;
    void encode(const DumpMode mode, WvBuf &buf) const;

    /**
     * Replace the wrapped certificate by parsing `str`/`encoded` in the
     * given DumpMode. The input is parsed by OpenSSL; failure is presumably
     * reported via isok()/errstr() rather than by return value — check them
     * after decoding untrusted data.
     */
    virtual void decode(const DumpMode mode, WvStringParm str);
    virtual void decode(const DumpMode mode, WvBuf &encoded);

    /** Issuer distinguished name; set from a name string or copied from the
     *  subject of `cacert`. */
    WvString get_issuer() const;
    void set_issuer(WvStringParm name);
    void set_issuer(const WvX509 &cacert);

    /** Subject distinguished name; set from a string or an OpenSSL name. */
    WvString get_subject() const;
    void set_subject(WvStringParm name);
    void set_subject(X509_NAME *name);

    /** Serial number, returned as a string; set from a `long`. */
    WvString get_serial() const;
    void set_serial(long serial_no);

    /** Netscape comment extension. */
    WvString get_nscomment() const;
    void set_nscomment(WvStringParm comment);

    /** Netscape server-name extension. */
    WvString get_nsserver() const;
    void set_nsserver(WvStringParm server_fqdn);

    /** CRL distribution point extension, as a string. Read-only here; see
     *  set_crl_urls() for the writable form. */
    WvString get_crl_dp() const;

    /**
     * Fill `policy_oids` with the certificate-policies extension.
     * @return false if the extension could not be read (presumed — confirm).
     */
    bool get_policies(WvStringList &policy_oids) const;

    /** Set the certificate-policies extension from a list of OIDs. */
    void set_policies(WvStringList &policy_oids);

    /** Set the certificate version. The version chosen is not visible here
     *  (presumably X509v3, which is required for extensions) — confirm. */
    void set_version();

    /** Key-usage extension. The format of `values` is not visible here;
     *  presumably OpenSSL's comma-separated keyword syntax — confirm. */
    WvString get_key_usage() const;
    void set_key_usage(WvStringParm values);

    /** Extended-key-usage extension; same value format caveat as above. */
    WvString get_ext_key_usage() const;
    void set_ext_key_usage(WvStringParm values);

    /** Subject alternative name extension, as a string. */
    WvString get_altsubject() const;

    void set_altsubject(WvStringParm name);

    /**
     * Read the basic-constraints extension into `ca` and `pathlen`.
     * @return false if the extension is absent/unreadable (presumed — confirm).
     */
    bool get_basic_constraints(bool &ca, int &pathlen) const;

    /** Write the basic-constraints extension. */
    void set_basic_constraints(bool ca, int pathlen);

    /**
     * Read/write the policy-constraints extension. The two fields are the
     * PKIX requireExplicitPolicy and inhibitPolicyMapping skip counts.
     */
    bool get_policy_constraints(int &require_explicit_policy,
                                int &inhibit_policy_mapping) const;
    void set_policy_constraints(int require_explicit_policy,
                                int inhibit_policy_mapping);

    /** One issuer-domain → subject-domain pair of the policy-mappings
     *  extension. */
    struct PolicyMap {
        PolicyMap(WvStringParm _issuer_domain, WvStringParm _subject_domain)
        {
            issuer_domain = _issuer_domain;
            subject_domain = _subject_domain;
        }
        WvString issuer_domain;
        WvString subject_domain;
    };
    // Declares PolicyMapList, the list type used by the two methods below.
    DeclareWvList(PolicyMap);

    /** Fill `list` with the policy-mappings extension. */
    bool get_policy_mapping(PolicyMapList &list) const;

    /** Write the policy-mappings extension from `list`. */
    void set_policy_mapping(PolicyMapList &list);

    /** Validity window bounds as time_t. */
    time_t get_notvalid_before() const;
    time_t get_notvalid_after() const;

    /** Set the validity window to `seconds` long (presumably starting now —
     *  confirm in the implementation). */
    void set_lifetime(long seconds);

    /** Authority-information-access extension, as a string. */
    WvString get_aia() const;

    /** Write the AIA extension from CA-issuer URLs and OCSP responder URLs. */
    void set_aia(WvStringList &ca_urls, WvStringList &responders);

    /** OCSP responder URLs from the AIA extension. */
    void get_ocsp(WvStringList &responders) const;

    /** CA-issuer URLs from the AIA extension. */
    void get_ca_urls(WvStringList &urls) const;

    /** CRL distribution point URLs. */
    void get_crl_urls(WvStringList &urls) const;

    void set_crl_urls(WvStringList &urls);

    /** Subject key identifier extension, as a string. */
    WvString get_ski() const;

    /** Authority key identifier extension, as a string. */
    WvString get_aki() const;

    /** False once an operation has failed; see errstr() for the reason. */
    virtual bool isok() const;

    /** Description of the last failure (empty when isok(), presumably). */
    virtual WvString errstr() const;

private:
    // WvCRL and WvX509Mgr reach into `cert` and the private setters directly.
    friend class WvCRL;
    friend class WvX509Mgr;

    // The wrapped OpenSSL certificate; NULL when nothing is loaded (presumed).
    X509 *cert;

    // mutable so that const accessors can still emit debug output.
    mutable WvLog debug;

    /** Generic extension access by OpenSSL NID; the typed getters/setters
     *  above presumably funnel through these. */
    WvString get_extension(int nid) const;
    void set_extension(int nid, WvStringParm values);

    /** Derive the subject key identifier from the current public key. */
    void set_ski();

    /** Derive the authority key identifier from `cacert`. */
    void set_aki(const WvX509 &cacert);

    /** Emit a warning about `var` (presumably "cert not set" style checks in
     *  the setters) — confirm in the implementation. */
    void warningset(WvStringParm var);

    /**
     * Extract the RSA public key from the certificate.
     * NOTE(review): returns a new pointer; the header does not say who frees
     * it — presumably the caller. Confirm before use.
     */
    WvRSAKey *get_rsa_pub() const;
};
00386 #endif // __WVX509_H