00007 #ifndef __WVCRL_H
00008 #define __WVCRL_H
00009
00010 #include "wverror.h"
00011 #include "wvlog.h"
00012 #include "wvx509.h"
00013
00014
// Forward declarations of three struct tags, each paired with the typedef
// name used by callers (X509_CRL, SSL_CTX, ASN1_INTEGER). Of these, only
// X509_CRL is referenced by the WvCRL declaration in this header.
// NOTE(review): these look like the OpenSSL type names, presumably
// forward-declared so this header need not include OpenSSL's headers -
// confirm. A repeated typedef is only legal when it names the same type, so
// these lines must stay in step with the library's own definitions.
00015 struct X509_crl_st;
00016 typedef struct X509_crl_st X509_CRL;
00017 struct ssl_ctx_st;
00018 typedef struct ssl_ctx_st SSL_CTX;
00019 struct asn1_string_st;
00020 typedef struct asn1_string_st ASN1_INTEGER;
00021
// WvX509Mgr is only taken by const reference (WvCRL constructor), so a
// forward declaration is sufficient here.
00022 class WvX509Mgr;
00023
/**
 * Wrapper around a raw X509_CRL pointer (a certificate revocation list).
 * Declares checks against a CA certificate, encode/decode in several modes,
 * and revocation lookups.
 *
 * Only declarations are visible in this header. Statements marked
 * NOTE(review) are assumptions to confirm against the implementation.
 *
 * NOTE(review): the class holds a raw pointer and declares a destructor but
 * no copy constructor or assignment operator. If the destructor frees crl,
 * a copied WvCRL would release the same CRL twice - confirm how copying is
 * prevented (for example by a non-copyable member).
 */
00028 class WvCRL
00029 {
00030 public:
      /**
       * Format selector for encode() and decode().
       * Values: CRLPEM = 0, CRLDER = 1, CRLFilePEM = 2, CRLFileDER = 3.
       * NOTE(review): the names suggest PEM vs DER encodings, and that the
       * CRLFile* modes treat the string/buffer as a file path instead of CRL
       * data - confirm. If so, a path that originates from untrusted input
       * must be checked by the caller before it reaches decode()/encode().
       */
00038 enum DumpMode { CRLPEM = 0, CRLDER, CRLFilePEM, CRLFileDER };
00039
      /**
       * Default constructor.
       * NOTE(review): presumably leaves the object without a CRL, so isok()
       * would be false until decode() succeeds - confirm.
       */
00043 WvCRL();
00044
      /**
       * Constructs a CRL from a CA certificate manager.
       * @param cacert CA certificate manager.
       * NOTE(review): presumably creates a new CRL issued by cacert -
       * confirm, including whether and when it is signed.
       */
00049 WvCRL(const WvX509Mgr &cacert);
00050
      /** Virtual destructor. NOTE(review): presumably releases crl - confirm. */
00052 virtual ~WvCRL();
00053
      /**
       * Returns the internal X509_CRL pointer exactly as stored; there is no
       * null check. The pointer is non-const, so callers can modify the CRL
       * without going through this class.
       * NOTE(review): ownership presumably stays with this object, so callers
       * must not free the result or keep it past the object's lifetime -
       * confirm.
       */
00055 X509_CRL *getcrl()
00056 { return crl; }
00057
      /**
       * Signature check against a CA certificate.
       * @param cacert CA certificate to check against.
       * @return NOTE(review): presumably true only when the CRL's signature
       *         verifies under cacert's public key - confirm, including the
       *         result when no CRL is loaded.
       */
00062 bool signedbyca(const WvX509 &cacert) const;
00063
      /**
       * Issuer check against a CA certificate.
       * @param cacert CA certificate to check against.
       * @return NOTE(review): presumably true when the CRL's issuer matches
       *         cacert - confirm which fields are compared. A name match on
       *         its own does not authenticate the CRL; the Valid enum keeps
       *         NOT_THIS_CA and NO_VALID_SIGNATURE as separate outcomes.
       */
00068 bool issuedbyca(const WvX509 &cacert) const;
00069
      /**
       * Expiry check.
       * @return NOTE(review): presumably true once the current time is past
       *         the CRL's next-update time - confirm, and confirm how a CRL
       *         without that field or with a future this-update is treated.
       */
00075 bool expired() const;
00076
00077
00078
00079
00080
      /**
       * Critical-extension check.
       * @return NOTE(review): presumably true when the CRL carries at least
       *         one extension marked critical - confirm. The Valid enum has a
       *         matching UNHANDLED_CRITICAL_EXTENSIONS result.
       */
00081 bool has_critical_extensions() const;
00082
      /**
       * Result of validate().
       * Values: CRLERROR = -1, VALID = 0, NOT_THIS_CA = 1,
       * NO_VALID_SIGNATURE = 2, EXPIRED = 3, UNHANDLED_CRITICAL_EXTENSIONS = 4.
       *
       * VALID is zero and every failure (including CRLERROR) is non-zero, so
       * the result must be compared with VALID explicitly. Testing it as a
       * boolean accepts every rejected CRL and rejects the valid one.
       */
00091 enum Valid { CRLERROR = -1, VALID, NOT_THIS_CA, NO_VALID_SIGNATURE,
00092 EXPIRED, UNHANDLED_CRITICAL_EXTENSIONS };
00093
      /**
       * Validates the CRL against a CA certificate.
       * @param cacert CA certificate expected to have issued the CRL.
       * @return a Valid value; only VALID (0) means the CRL was accepted.
       * NOTE(review): presumably combines issuedbyca(), signedbyca(),
       * expired() and has_critical_extensions(); the order of the checks, and
       * therefore which failure is reported first, is not visible here.
       */
00100 Valid validate(const WvX509 &cacert) const;
00101
      /**
       * NOTE(review): the name suggests this returns the CRL's Authority Key
       * Identifier as a string - confirm the format and the value returned
       * when the extension is absent.
       */
00105 WvString get_aki() const;
00106
      /**
       * NOTE(review): presumably returns the CRL issuer's name as a string -
       * confirm the format. The value is read from the CRL itself, so it is
       * only meaningful after validate() has returned VALID.
       */
00110 WvString get_issuer() const;
00111
      /**
       * NOTE(review): presumably true when a CRL is loaded and no error is
       * recorded - confirm. It takes no CA certificate, so it cannot stand in
       * for validate().
       */
00115 bool isok() const;
00116
      /**
       * Encodes the CRL in the format selected by mode. One overload returns
       * the result as a WvString, the other takes a WvBuf by reference.
       * NOTE(review): whether the WvBuf overload appends to or replaces the
       * buffer contents, and what the CRLFile* modes produce, is not visible
       * here - confirm.
       */
00120 WvString encode(const DumpMode mode) const;
00121 void encode(const DumpMode mode, WvBuf &buf) const;
00122
      /**
       * Loads a CRL from a string or buffer in the format selected by mode.
       * Both overloads return void, so a parse failure is not reported through
       * the return value.
       * NOTE(review): presumably replaces any CRL already held, and failure is
       * presumably observable through isok() - confirm. A decoded CRL is
       * untrusted input until validate() returns VALID for the expected CA.
       */
00127 void decode(const DumpMode mode, WvStringParm encoded);
00128 void decode(const DumpMode mode, WvBuf &encoded);
00129
      /**
       * Revocation lookup, by certificate or by serial number.
       * Neither overload takes a CA certificate, so the lookup cannot itself
       * establish that the CRL is authentic or current; callers need
       * validate() == VALID first.
       * NOTE(review): the result when no CRL is loaded is not visible - if it
       * is false, a failed load reads as "not revoked". The expected textual
       * form of serial_number (hex or decimal, case, leading zeros) is also
       * not visible; a mismatch would silently miss a revoked entry. Confirm
       * both.
       */
00133 bool isrevoked(const WvX509 &cert) const;
00134 bool isrevoked(WvStringParm serial_number) const;
00135
      /**
       * NOTE(review): presumably adds cert to the list of revoked entries -
       * confirm, including whether the CRL has to be re-signed afterwards
       * before it is distributed.
       */
00139 void addcert(const WvX509 &cert);
00140
      /**
       * NOTE(review): presumably returns the number of revoked entries in the
       * CRL - confirm, including the value when no CRL is loaded and the cost
       * on large lists.
       */
00146 int numcerts() const;
00147
00148 private:
      // Declared mutable so that const member functions can use the logger.
00149 mutable WvLog debug;
      // Raw CRL pointer handed out unchanged by getcrl().
      // NOTE(review): initialisation and release are not visible here -
      // confirm both constructors set it and the destructor frees it.
00150 X509_CRL *crl;
00151 };
00152
00153 #endif // __WVCRL_H