wvx509.h

00001 /* -*- Mode: C++ -*-
00002  * Worldvisions Weaver Software:
00003  *   Copyright (C) 1997-2004 Net Integration Technologies, Inc.
00004  *
00005  * X.509 certificate management classes.
00006  */ 
00007 #ifndef __WVX509_H
00008 #define __WVX509_H
00009 
00010 #include "wvlog.h"
00011 #include "wverror.h"
00012 #include "wvrsa.h"
00013 #include "wvstringlist.h"
00014 
00015 // Structures to make the compiler happy so we don't have to include x509v3.h ;)
      // These are forward declarations only: the types stay incomplete in this
      // header, so it can pass pointers to them around but cannot look inside them.
      // NOTE(review): each struct tag must stay identical to the tag used by the
      // OpenSSL headers the implementation is built against, otherwise the typedefs
      // conflict in any file that includes both -- confirm when upgrading OpenSSL.
00016 struct x509_st;
00017 typedef struct x509_st X509;
00018 struct ssl_ctx_st;
00019 typedef struct ssl_ctx_st SSL_CTX;
00020 
00021 struct X509_name_st;
00022 typedef struct X509_name_st X509_NAME;
00023 
00024 struct asn1_string_st;
00025 typedef struct asn1_string_st ASN1_TIME;
00026 
00027 
00028 // workaround for the fact that OpenSSL initialization stuff must be called
00029 // only once.
      // NOTE(review): whether these calls are reference-counted, and whether they
      // are safe to call from more than one thread, is not visible in this header
      // -- confirm in the implementation before relying on either.
      // wvssl_errstr() returns a WvString; presumably it describes the most recent
      // OpenSSL error -- confirm.
00030 void wvssl_init();
00031 void wvssl_free();
00032 WvString wvssl_errstr();
00033 
00034 
00039 class WvX509 : public IObject
00040 {
          // Wrapper class around one OpenSSL X509 certificate handle (the private
          // 'cert' member below). The Doxygen comments of the original header are
          // not part of this listing, so the notes here state only what the
          // declarations show; anything about behaviour is marked NOTE(review)
          // and must be confirmed against the implementation.
00041     IMPLEMENT_IOBJECT(WvX509);
00042 public:
          // Selects the encoding used by encode() and decode().
          // NOTE(review): the names suggest PEM text, DER binary, hex text and
          // PEM/DER files -- confirm. For the two file modes, confirm whether the
          // string argument is used as a file path; if so it must not be taken
          // from untrusted input without validation.
00054     enum DumpMode { CertPEM = 0, CertDER, CertHex, CertFilePEM, CertFileDER };
00055 
          // Default constructor.
          // NOTE(review): presumably leaves the object without a certificate
          // until decode() is called -- confirm, and check isok() before use.
00061     WvX509();
00062     
          // Construct from an existing OpenSSL handle.
          // NOTE(review): ownership of _cert is not visible here. Confirm whether
          // the destructor frees it before the caller frees it too (double free)
          // or keeps using it after this object is gone (use after free).
00071     WvX509(X509 *_cert);
00072 
00073 private:
          // Copy constructor, declared private: code outside this class and its
          // friends cannot copy a WvX509.
          // NOTE(review): presumably this prevents two objects from owning the
          // same X509 handle -- confirm.
00078     WvX509(const WvX509 &x509);
00079 
00080 public:
00082     virtual ~WvX509();
00083     
          // Returns the raw handle stored in 'cert' as-is; nothing is copied here.
          // NOTE(review): presumably NULL when no certificate is loaded, and
          // presumably still owned by this object (do not free it, do not keep it
          // past this object's lifetime) -- confirm.
00088     X509 *get_cert() { return cert; }
00089 
          // Takes an RSA key by non-const reference.
          // NOTE(review): presumably installs its public half as the
          // certificate's public key -- confirm.
00093     void set_pubkey(WvRSAKey &rsa_pubkey);
00094     
          // Static helper: builds a WvString from a subject name and an RSA key.
          // NOTE(review): presumably an encoded certificate signing request for
          // 'subject' signed with 'rsa' -- confirm the encoding and the digest.
00103     static WvString certreq(WvStringParm subject, const WvRSAKey &rsa);
00104         
          // The CA certificate is optional and defaults to NULL.
          // NOTE(review): what is checked when no CA is passed is not visible
          // here. Do not read a true result from a CA-less call as "chains to a
          // trusted issuer" unless the implementation confirms it. No CRL or OCSP
          // input appears in this signature, so confirm whether revocation is
          // covered at all.
00111     bool validate(WvX509 *cacert = NULL) const;
00112 
          // Two separate checks against a CA certificate.
          // NOTE(review): the names suggest that signedbyca() verifies the
          // signature with the CA's key while issuedbyca() compares issuer data
          // -- confirm. A name match alone is not cryptographic proof, so confirm
          // which of the two a trust decision relies on.
00117     bool signedbyca(WvX509 &cacert) const;
00118 
00126     bool issuedbyca(WvX509 &cacert) const;
00127 
          // Two overloads: the data is given as a WvBuf or as a string, the
          // signature always as a string.
          // NOTE(review): presumably checks 'signature' over 'original' with this
          // certificate's public key; the signature encoding and the digest are
          // not visible here -- confirm. Neither overload takes a CA, so a true
          // result says nothing about whether this certificate is trusted.
00134     bool verify(WvBuf &original, WvStringParm signature) const;
00135     bool verify(WvStringParm original, WvStringParm signature) const;
00136 
          // Encode in the given DumpMode, either returned as a WvString or
          // written into 'buf'.
00140     WvString encode(const DumpMode mode) const;
00141     void encode(const DumpMode mode, WvBuf &buf) const;
00142 
          // Decode from a string or a buffer. Both overloads return void, so no
          // success/failure result comes back from the call itself.
          // NOTE(review): presumably failures are reported through isok() and
          // errstr() -- check them after every decode of untrusted input.
00147     virtual void decode(const DumpMode mode, WvStringParm str);
00148     virtual void decode(const DumpMode mode, WvBuf &encoded);
00149 
          // Issuer name: read as a string, set from a string or from a CA
          // certificate object.
00154     WvString get_issuer() const;
00155     void set_issuer(WvStringParm name);
00156     void set_issuer(const WvX509 &cacert);
00157     
          // Subject name: read as a string, set from a string or from an OpenSSL
          // X509_NAME.
00161     WvString get_subject() const;
00162     void set_subject(WvStringParm name);
00163     void set_subject(X509_NAME *name);
00164 
          // Serial number: read as a string, set from a long.
          // NOTE(review): a serial wider than 'long' cannot be passed to
          // set_serial(). Where long is 32 bits that is less than the 64 random
          // bits some issuance policies ask for -- confirm if this class is used
          // to issue certificates.
00168     WvString get_serial() const;
00169     void set_serial(long serial_no);
00170 
          // NOTE(review): presumably the Netscape comment extension -- confirm.
00174     WvString get_nscomment() const;
00175     void set_nscomment(WvStringParm comment);
00176     
          // NOTE(review): presumably the Netscape SSL server name extension;
          // the parameter name says it takes a fully qualified domain name --
          // confirm.
00180     WvString get_nsserver() const;
00181     void set_nsserver(WvStringParm server_fqdn);
00182     
          // NOTE(review): presumably the CRL distribution point extension as one
          // string; see get_crl_urls() for the list form -- confirm.
00187     WvString get_crl_dp() const;
00188 
          // Fills 'policy_oids'; returns a bool.
          // NOTE(review): presumably false means the extension is absent or could
          // not be parsed -- confirm before treating an empty list as "no policy".
00193     bool get_policies(WvStringList &policy_oids) const;
00194     
00199     void set_policies(WvStringList &policy_oids);
00200 
          // Takes no argument, so the version is not chosen by the caller.
          // NOTE(review): confirm which X.509 version this sets.
00205     void set_version();
00206 
          // Key usage as a string.
          // NOTE(review): the format of 'values' is not visible here -- confirm.
00210     WvString get_key_usage() const;
00211     void set_key_usage(WvStringParm values);
00212 
          // Extended key usage, same string-based interface as key usage.
00216     WvString get_ext_key_usage() const;
00217     void set_ext_key_usage(WvStringParm values);
00218     
          // NOTE(review): presumably the subjectAltName extension -- confirm, and
          // confirm the string format before matching host names against it.
00223     WvString get_altsubject() const;
00224 
00228     void set_altsubject(WvStringParm name);
00229     
          // Results are written to the reference parameters; a bool is returned.
          // NOTE(review): presumably false means the extension is absent, and
          // 'ca'/'pathlen' are then not meaningful -- confirm. A caller deciding
          // whether a certificate may act as a CA should test the return value
          // before reading 'ca'.
00234     bool get_basic_constraints(bool &ca, int &pathlen) const;
00235 
00239     void set_basic_constraints(bool ca, int pathlen);
00240 
          // Same calling pattern as get_basic_constraints(): outputs by
          // reference, bool result.
          // NOTE(review): confirm what the outputs hold when false is returned.
00245     bool get_policy_constraints(int &require_explicit_policy, 
00246                                 int &inhibit_policy_mapping) const;
00250     void set_policy_constraints(int require_explicit_policy, 
00251                                 int inhibit_policy_mapping);
00252     
          // One policy mapping entry: a pair of strings, copied in by the
          // constructor. PolicyMapList is used right below, so the
          // DeclareWvList() macro presumably declares it -- confirm.
00253     struct PolicyMap {
00254         PolicyMap(WvStringParm _issuer_domain, WvStringParm _subject_domain)
00255         {
00256             issuer_domain = _issuer_domain;
00257             subject_domain = _subject_domain;
00258         }
00259         WvString issuer_domain;
00260         WvString subject_domain;
00261     };
00262     DeclareWvList(PolicyMap);
00263 
00268     bool get_policy_mapping(PolicyMapList &list) const;
00269 
00273     void set_policy_mapping(PolicyMapList &list);
00274 
          // Validity bounds as time_t values.
          // NOTE(review): where time_t is 32 bits, dates after 2038 cannot be
          // represented -- confirm how such certificates are reported.
00278     time_t get_notvalid_before() const;
00279     time_t get_notvalid_after() const;
00280     
          // NOTE(review): presumably sets the validity period to start now and
          // end 'seconds' later -- confirm.
00285     void set_lifetime(long seconds);
00286     
          // Authority information access, read as one string and set from two
          // lists (CA URLs and responders).
00294     WvString get_aia() const;
00295 
00301     void set_aia(WvStringList &ca_urls, WvStringList &responders);
00302 
          // List-valued getters; each one fills the list passed in.
          // These values are read from the certificate itself. For a certificate
          // that has not been validated yet they are untrusted input, so a caller
          // that fetches them should restrict scheme and destination first.
00306     void get_ocsp(WvStringList &responders) const;
00307     
00312     void get_ca_urls(WvStringList &urls) const;
00313     
00318     void get_crl_urls(WvStringList &urls) const;
00319 
00324     void set_crl_urls(WvStringList &urls);
00325 
          // NOTE(review): presumably the subject key identifier and the authority
          // key identifier extensions, as strings -- confirm.
00329     WvString get_ski() const;
00330     
00334     WvString get_aki() const;
00335 
          // Status interface, both virtual.
          // NOTE(review): presumably isok() is false when no usable certificate
          // is loaded and errstr() explains why -- confirm.
00339     virtual bool isok() const;
00340 
00344     virtual WvString errstr() const;
00345 
00346 private:
          // Friends can reach every private member, including 'cert' and the
          // private copy constructor.
00347     friend class WvCRL;
00348     friend class WvX509Mgr;
00349 
          // The wrapped OpenSSL certificate handle; get_cert() returns it.
00351     X509     *cert;
00352 
          // Declared mutable, so const member functions can use it as well.
00353     mutable WvLog debug;
00354 
          // Generic extension accessors keyed by an integer id.
          // NOTE(review): 'nid' is presumably an OpenSSL NID -- confirm.
00359     WvString get_extension(int nid) const;
00360     void set_extension(int nid, WvStringParm values);
00361     
          // Private setters for the two key identifiers; set_aki() takes the CA
          // certificate as input.
00365     void set_ski();
00366 
00371     void set_aki(const WvX509 &cacert);
00372 
          // NOTE(review): presumably logs a warning that 'var' was requested
          // while no certificate is set -- confirm.
00377     void warningset(WvStringParm var);
00378 
          // Returns a WvRSAKey pointer.
          // NOTE(review): who deletes the returned object is not visible here --
          // confirm to avoid a leak or a double delete.
00383     WvRSAKey *get_rsa_pub() const;
00384 };
00385 
00386 #endif // __WVX509_H
