#include <wvcrl.h>
Definition at line 28 of file wvcrl.h.
Public Types | |
enum | DumpMode { PEM = 0, DER, TEXT } |
Type for the encode() and decode() methods: CRLPEM = PEM Encoded X.509 CRL CRLDER = DER Encoded X.509 CRL returned in Base64 TEXT = Decoded Human readable format. | |
enum | Valid { CRLERROR = -1, VALID, NOT_THIS_CA, NO_VALID_SIGNATURE, BEFORE_VALID, AFTER_VALID, REVOKED } |
Type for validate() method: ERROR = there was an error that happened. More... | |
Public Member Functions | |
WvCRLMgr (X509_CRL *_crl=NULL) | |
Initialize a blank CRL Object. | |
virtual | ~WvCRLMgr () |
Destructor. | |
X509_CRL * | getcrl () |
Accessor for CRL. | |
WvString | hexify () |
Given the CRL object crl, return a hexified string useful in a WvConf or UniConf file. | |
Valid | validate (WvX509Mgr *cert) |
Function to verify the validity of a certificate given by cert. | |
bool | signedbyCAindir (WvStringParm certdir) |
Check the CRL in crl against the CA certificates in certdir - returns true if crl was signed by one of the CA certificates. | |
bool | signedbyCAinfile (WvStringParm certfile) |
Check the CRL in crl against the CA certificate in certfile
| |
bool | signedbyCA (WvX509Mgr *cert) |
Check the CRL in crl against the CA certificate in cacert
| |
bool | isok () |
Do we have any errors. | |
void | setca (WvX509Mgr *cacert) |
Set the CA for this CRL. | |
WvString | encode (const DumpMode mode) |
Return the information requested by mode as a WvString. | |
void | decode (const DumpMode mode, WvStringParm PemEncoded) |
Load the information from the format requested by mode into the class - this overwrites the certificate, and possibly the key - and to enable two stage loading (the certificate first, then the key), it DOES NOT call test() - that will be up to the programmer. | |
WvString | get_issuer () |
Return the CRL Issuer (usually the CA who signed the certificate). | |
bool | isrevoked (WvX509Mgr *cert) |
Is the certificate in cert revoked? | |
bool | isrevoked (WvStringParm serial_number) |
int | numcerts () |
How many certificates in the CRL? | |
void | addcert (WvX509Mgr *cert) |
Add the certificate in cert to the CRL. | |
Public Attributes | |
WvError | err |
Where errors go when they happen. |
|
Type for validate() method: ERROR = there was an error that happened. VALID = the certificate is valid NOT_THIS_CA = the certificate is not signed by this CA NO_VALID_SIGNATURE = the certificate claims to be signed by this CA (Issuer is the same), but the signature is invalid. BEFORE_VALID = the certificate has not become valid yet AFTER_VALID = the certificate is past it's validity period REVOKED = the certificate has been revoked (it's serial number is in this CRL) |
|
Initialize a blank CRL Object. This either initializes a completely empty object, or takes a pre-allocated _crl - takes ownership. Definition at line 15 of file wvcrl.cc. References err, WvErrorBase::noerr(), and WvErrorBase::seterr(). |
|
Function to verify the validity of a certificate given by cert. This function checks three things: 1: That the certificate has been issued by the same CA that has signed this CRL. 2: That the certificate is within it's validity range 3: That the certificate isn't in the CRL. Definition at line 53 of file wvcrl.cc. References WvX509Mgr::get_issuer(), WvX509Mgr::get_subject(), isrevoked(), and signedbyCA(). |
|
Do we have any errors. .. convenience function.. Definition at line 124 of file wvcrl.h. References err, and WvErrorBase::isok(). |
|
Set the CA for this CRL. .. Definition at line 98 of file wvcrl.cc. References WvX509Mgr::get_issuer(). |