WvStreams
Public Types | Public Member Functions
WvCRL Class Reference

CRL Class to handle certificate revocation lists and their related functions. More...

#include <wvcrl.h>

List of all members.

Public Types

enum  DumpMode { CRLPEM = 0, CRLDER, CRLFilePEM, CRLFileDER }
 Type for the encode() and decode() methods: CRLPEM = PEM Encoded X.509 CRL CRLDER = DER Encoded X.509 CRL CRLFilePEM = PEM Encoded X.509 CRL CRLFileDER = DER Encoded X.509 CRL.
enum  Valid {
  CRLERROR = -1, VALID, NOT_THIS_CA, NO_VALID_SIGNATURE,
  EXPIRED, UNHANDLED_CRITICAL_EXTENSIONS
}
 Type for validate() method: ERROR = there was an error that happened. More...

Public Member Functions

 WvCRL ()
 Initialize a blank (null) CRL object.
 WvCRL (const WvX509Mgr &ca)
 Initialize a CRL object, signed and created by the certificate 'ca'.
virtual ~WvCRL ()
 Destructor.
X509_CRL * getcrl ()
 Accessor for CRL.
bool signedbyca (const WvX509 &cacert) const
 Check the CRL in crl against the CA certificate in cert.
bool issuedbyca (const WvX509 &cacert) const
 Check the issuer name of the CRL in crl against the CA certificate in cert.
bool expired () const
 Checks to see if the CRL is expired (i.e.
bool has_critical_extensions () const
Valid validate (const WvX509 &cacert) const
 Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired.
WvString get_aki () const
 Get the Authority key Info.
WvString get_issuer () const
 Get the CRL Issuer.
bool isok () const
 Do we have any errors...
WvString encode (const DumpMode mode) const
 Return the information requested by mode as a WvString.
void encode (const DumpMode mode, WvBuf &buf) const
void decode (const DumpMode mode, WvStringParm encoded)
 Load the information from the format requested by mode into the class - this overwrites the CRL.
void decode (const DumpMode mode, WvBuf &encoded)
bool isrevoked (const WvX509 &cert) const
 Is the certificate in cert revoked?
bool isrevoked (WvStringParm serial_number) const
void addcert (const WvX509 &cert)
 Add the certificate specified by cert to the CRL.
int numcerts () const
 Counts the number of certificates in this CRL.

Detailed Description

CRL Class to handle certificate revocation lists and their related functions.

Definition at line 28 of file wvcrl.h.


Member Enumeration Documentation

Type for validate() method: ERROR = there was an error that happened.

VALID = the certificate is valid NOT_THIS_CA = the certificate is not signed by this CA NO_VALID_SIGNATURE = the certificate claims to be signed by this CA (Issuer is the same), but the signature is invalid.

Definition at line 91 of file wvcrl.h.


Member Function Documentation

bool WvCRL::signedbyca ( const WvX509 cacert) const

Check the CRL in crl against the CA certificate in cert.

  • returns true if CRL was signed by that CA certificate.

Definition at line 95 of file wvcrl.cc.

References WvX509::get_subject().

Referenced by validate().

bool WvCRL::issuedbyca ( const WvX509 cacert) const

Check the issuer name of the CRL in crl against the CA certificate in cert.

  • returns true if the names match.

Definition at line 117 of file wvcrl.cc.

References get_issuer(), and WvX509::get_subject().

Referenced by validate().

bool WvCRL::expired ( ) const

Checks to see if the CRL is expired (i.e.

: the present time is past the nextUpdate extension).

  • returns true if CRL has expired.

Definition at line 136 of file wvcrl.cc.

Referenced by validate().

WvCRL::Valid WvCRL::validate ( const WvX509 cacert) const

Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired.

  • returns a validity status. Get the Authority key Info

Definition at line 399 of file wvcrl.cc.

References expired(), issuedbyca(), and signedbyca().

bool WvCRL::isok ( ) const

Do we have any errors...

convenience function..

Definition at line 89 of file wvcrl.cc.

Referenced by WvX509Mgr::signcrl().

int WvCRL::numcerts ( ) const

Counts the number of certificates in this CRL.

WARNING: this method will be very slow and will consume a lot of memory for large CRLs.

Definition at line 421 of file wvcrl.cc.


The documentation for this class was generated from the following files: