00007 #ifndef __WVX509_H
00008 #define __WVX509_H
00009
00010 #include "wvlog.h"
00011 #include "wverror.h"
00012 #include "wvstringlist.h"
00013
00014
/*
 * Opaque OpenSSL handle types.  They are forward-declared here (with the same
 * struct tags and typedef names OpenSSL uses) so that users of this header do
 * not have to include the OpenSSL headers themselves; only pointers to them
 * appear in the interface below.
 */
struct x509_st;
typedef struct x509_st X509;
struct ssl_ctx_st;
typedef struct ssl_ctx_st SSL_CTX;
struct X509_crl_st;
typedef struct X509_crl_st X509_CRL;

struct X509_name_st;
typedef struct X509_name_st X509_NAME;

struct asn1_string_st;
typedef struct asn1_string_st ASN1_TIME;

class WvRSAKey;     // RSA key-pair wrapper, defined in its own header
class WvCRLMgr;     // certificate revocation list manager, defined in its own header



/**
 * Initialise the library-wide OpenSSL state the Wv* crypto classes rely on.
 * Pair every call with wvssl_free(); whether the pair is reference-counted
 * or must be called exactly once is not visible in this header — confirm
 * in the implementation before calling it from more than one place.
 */
void wvssl_init();

/** Release the state set up by wvssl_init(). */
void wvssl_free();

/**
 * Human-readable description of the most recent OpenSSL error
 * (presumably drained from OpenSSL's error queue — verify against the
 * implementation if the message is to be logged or shown to users).
 */
WvString wvssl_errstr();
00036
00037
/**
 * X.509 certificate manager built on top of OpenSSL.
 *
 * Holds one certificate handle (cert) and, optionally, the RSA key that
 * belongs to it (rsa), and exposes creation, signing, validation,
 * encoding and extension access on top of them.  Error state is reported
 * through the WvError base (isok()/errstr()/geterr() below).
 *
 * Reviewer notes on the interface as declared here:
 *  - The PKCS#12 password is kept in a plain WvString member
 *    (pkcs12pass) for the lifetime of the object.  No zeroization is
 *    visible in this header; check the destructor before relying on it
 *    for long-lived objects.
 *  - set_pubkey() and set_rsakey() store raw WvRSAKey pointers and this
 *    header states nothing about who frees them; confirm the ownership
 *    rules in the implementation before passing in a key.
 *  - validate() defaults both its CA and CRL arguments to NULL, so it
 *    can be called with nothing to validate against; callers verifying a
 *    chain should pass the CA (and the CRL where one is available).
 */
class WvX509Mgr : public WvError, public IObject
{
    IMPLEMENT_IOBJECT(WvX509Mgr);
public:
    /**
     * Output formats understood by encode()/decode().
     * CertPEM/CertDER dump the certificate; RsaPEM/RsaPubPEM/RsaRaw dump
     * the key.  RsaPubPEM is the only form whose name marks it as public;
     * RsaPEM and RsaRaw presumably contain the private half of the key,
     * so treat their output as secret material — confirm in the
     * implementation.
     */
    enum DumpMode { CertPEM = 0, CertDER, RsaPEM, RsaPubPEM, RsaRaw };

    /** Construct an empty manager with no certificate and no key. */
    WvX509Mgr();

    /**
     * Wrap an existing OpenSSL certificate handle.
     * Whether ownership of _cert transfers to this object is not stated
     * here — TODO confirm against the implementation/destructor.
     */
    WvX509Mgr(X509 *_cert);

    /**
     * Construct from a hex-encoded certificate and hex-encoded RSA key
     * (presumably the encoding produced by hexify()).
     */
    WvX509Mgr(WvStringParm hexcert, WvStringParm hexrsa);

    /**
     * Construct for the distinguished name _dname using an
     * already-generated RSA key.  Ownership of _rsa: see class notes.
     */
    WvX509Mgr(WvStringParm _dname, WvRSAKey *_rsa);

    /**
     * Construct for the distinguished name _dname, generating a fresh
     * RSA key of the given size in bits.
     */
    WvX509Mgr(WvStringParm _dname, int bits);

private:
    /**
     * Copying is disabled: the copy constructor is private (and
     * presumably never defined), which keeps the cert/rsa handles from
     * being owned by two objects at once.
     */
    WvX509Mgr(const WvX509Mgr &mgr);

public:
    virtual ~WvX509Mgr();

    /**
     * Install this certificate (and key) into the SSL context ctx.
     * @return whether the operation succeeded.
     */
    bool bind_ssl(SSL_CTX *ctx);

    /**
     * Reference to the RSA key held by this object.  The reference
     * aliases internal state; behaviour when no key has been set is not
     * visible in this header.
     */
    const WvRSAKey &get_rsa();

    /**
     * The underlying OpenSSL certificate handle, returned as-is (no copy).
     * The caller must not free it: the member would be left dangling.
     */
    X509 *get_cert() const { return cert; }

    /** Replace the public key used by this object.  Ownership: see class notes. */
    void set_pubkey(WvRSAKey *rsa_pubkey);

    /**
     * Generate and sign a self-signed certificate from dname and rsa.
     * @param is_ca  mark the certificate as a CA certificate.
     */
    void create_selfsigned(bool is_ca = false);

    /**
     * Produce a certificate signing request for this name/key
     * (PKCS#10, judging by signreq()'s parameter name — confirm).
     */
    WvString certreq();


    /**
     * Sign the PKCS#10 request pkcs10req with this object's certificate
     * and key, returning the resulting certificate (encoding as produced
     * by the implementation — not stated here).
     */
    WvString signreq(WvStringParm pkcs10req);

    /**
     * Sign the certificate cert with this object's key.
     * NOTE(review): the parameter name shadows the data member `cert`
     * inside the definition; renaming it (e.g. `unsignedcert`) would
     * remove the ambiguity.
     * @return whether signing succeeded.
     */
    bool signcert(X509 *cert);


    /**
     * Sign the revocation list managed by crl with this object's key.
     * @return whether signing succeeded.
     */
    bool signcrl(WvCRLMgr *crl);


    /**
     * Self-check of this object.  What exactly is tested (key/cert
     * consistency is the likely candidate) is not visible here.
     */
    bool test();

    /** Load the certificate from its hex encoding (inverse of hexify()). */
    void unhexify(WvStringParm encodedcert);

    /** Hex encoding of the certificate, suitable for unhexify(). */
    WvString hexify();

    /**
     * Validate this certificate.
     * @param cacert  CA to validate against; NULL means none is supplied.
     * @param crl     revocation list to check; NULL means none is supplied.
     * Both default to NULL, so a bare validate() call validates against
     * neither; what is still checked in that case (dates, self-consistency,
     * ...) is defined by the implementation, not by this header.
     */
    bool validate(WvX509Mgr *cacert = NULL, X509_CRL *crl = NULL);

    /** True if some certificate in directory certdir signed this one. */
    bool signedbyCAindir(WvStringParm certdir);

    /** True if the certificate in file certfile signed this one. */
    bool signedbyCAinfile(WvStringParm certfile);

    /** True if cacert signed this certificate. */
    bool signedbyCA(WvX509Mgr *cacert);

    /**
     * Sign data with this object's private key and return the signature
     * (encoded as a WvString; the encoding is not stated here).
     */
    WvString sign(WvBuf &data);
    WvString sign(WvStringParm data);

    /**
     * Check that signature is a valid signature of original under this
     * certificate's public key.  Returns true only on a successful match.
     */
    bool verify(WvBuf &original, WvStringParm signature);
    bool verify(WvStringParm original, WvStringParm signature);

    /** Serialise the certificate or key in the format selected by mode. */
    WvString encode(const DumpMode mode);

    /**
     * Load the certificate or key from PemEncoded in the format selected
     * by mode.  Despite the parameter name, DER/raw modes are selectable
     * too — presumably the argument then holds that format.
     */
    void decode(const DumpMode mode, WvStringParm PemEncoded);

    /**
     * Write certificate and key to filename as a PKCS#12 bundle,
     * presumably protected with the password set by setPkcs12Password().
     */
    void write_p12(WvStringParm filename);

    /** Read certificate and key from the PKCS#12 bundle filename. */
    void read_p12(WvStringParm filename);

    /**
     * Set the password used for PKCS#12 files.  Stored as-is in a
     * WvString member for the object's lifetime (see class notes).
     */
    void setPkcs12Password(WvStringParm passwd)
        { pkcs12pass = passwd; }

    /** Issuer distinguished name. */
    WvString get_issuer();
    void set_issuer(WvStringParm name);

    /** Subject distinguished name (as text, or as an OpenSSL X509_NAME). */
    WvString get_subject();
    void set_subject(WvStringParm name);
    void set_subject(X509_NAME *name);
    /** Serial number; set_serial() takes it as a long. */
    WvString get_serial();
    void set_serial(long serial_no);

    /** Netscape comment extension. */
    WvString get_nscomment();
    void set_nscomment(WvStringParm comment);

    /** Netscape server-name extension. */
    WvString get_nsserver();
    void set_nsserver(WvStringParm server_fqdn);

    /** CRL distribution point extension (as a single string). */
    WvString get_crl_dp();

    /** Set the CRL distribution points from a list of URLs. */
    void set_crl_dp(WvStringList &list);

    /** Certificate policy OID extension. */
    WvString get_cp_oid();

    /** Set the certificate policy to oid, with url as its policy URL. */
    void set_cp_oid(WvStringParm oid, WvStringParm url);


    /** Set the X.509 version field (the value chosen is fixed by the implementation). */
    void set_version();

    /** keyUsage extension, as a comma-separated list of values. */
    WvString get_key_usage();
    void set_key_usage(WvStringParm values);

    /** extendedKeyUsage extension, as a comma-separated list of values. */
    WvString get_ext_key_usage();
    void set_ext_key_usage(WvStringParm values);

    /** subjectAltName extension. */
    WvString get_altsubject();

    void set_altsubject(WvStringParm name);

    /** basicConstraints extension. */
    WvString get_constraints();
    void set_constraints(WvStringParm constraint);

    /** Validity period bounds as time_t. */
    time_t get_notvalid_before();
    time_t get_notvalid_after();

    /** Set the validity period to `seconds` from now (presumably). */
    void set_lifetime(long seconds);

    /** authorityInfoAccess extension. */
    void set_aia(WvStringParm identifier);
    WvString get_aia();


    /**
     * OCSP responder URLs from the AIA extension.  Takes a list to fill
     * and returns a list — presumably the same one; confirm before
     * relying on either.
     */
    WvStringList *get_ocsp(WvStringList *responders);

    /** CA issuer URLs from the AIA extension; same fill-and-return shape as get_ocsp(). */
    WvStringList *get_ca_urls(WvStringList *urls);

    /** subjectKeyIdentifier extension. */
    WvString get_ski();

    /** authorityKeyIdentifier extension. */
    WvString get_aki();

    /** Replace the distinguished name string used when creating certificates. */
    void set_dname(WvStringParm _dname)
        { dname = _dname; }



    /**
     * Replace the RSA key pointer.  The previous pointer is overwritten
     * without being freed, so the caller is responsible for any key it
     * replaces.  Ownership of _rsa: see class notes.
     */
    void set_rsakey(WvRSAKey *_rsa)
        { rsa = _rsa; }

    /** Error reporting, overriding the WvError base. */
    virtual bool isok() const;

    virtual WvString errstr() const;

    virtual int geterr() const;

private:
    X509 *cert;           // the OpenSSL certificate handle; see get_cert()

    WvRSAKey *rsa;        // associated RSA key; set via constructors/set_rsakey()

    WvString dname;       // distinguished name used for certificate creation

    WvLog debug;          // debug log channel

    WvString pkcs12pass;  // PKCS#12 password, held in plain memory (see class notes)

    /**
     * Read or write the extension identified by nid (presumably an
     * OpenSSL NID_* value); the public get_*/set_* accessors above are
     * likely thin wrappers around these.
     */
    WvString get_extension(int nid);
    void set_extension(int nid, WvStringParm values);

    /** Populate dname from the certificate. */
    void filldname();

    /** Build a WvRSAKey holding the certificate's public key. */
    WvRSAKey *fillRSAPubKey();
};
00482
00483 #endif // __WVX509_H