WvCRL Class Reference

#include <wvcrl.h>

List of all members.


Detailed Description

CRL Class to handle certificate revocation lists and their related functions.

Definition at line 28 of file wvcrl.h.


Public Types

enum  DumpMode { CRLPEM = 0, CRLDER, CRLFilePEM, CRLFileDER }
 Type for the encode() and decode() methods: CRLPEM = PEM Encoded X.509 CRL CRLDER = DER Encoded X.509 CRL CRLFilePEM = PEM Encoded X.509 CRL CRLFileDER = DER Encoded X.509 CRL.
enum  Valid {
  CRLERROR = -1, VALID, NOT_THIS_CA, NO_VALID_SIGNATURE,
  EXPIRED, UNHANDLED_CRITICAL_EXTENSIONS
}
 Type for validate() method: ERROR = there was an error that happened. More...

Public Member Functions

 WvCRL ()
 Initialize a blank (null) CRL object.
 WvCRL (const WvX509Mgr &cacert)
 Initialize a CRL object, signed and created by the certificate 'cacert'.
virtual ~WvCRL ()
 Destructor.
X509_CRL * getcrl ()
 Accessor for CRL.
bool signedbyca (const WvX509 &cacert) const
 Check the CRL in crl against the CA certificate in cert
  • returns true if CRL was signed by that CA certificate.

bool issuedbyca (const WvX509 &cacert) const
 Check the issuer name of the CRL in crl against the CA certificate in cert
  • returns true if the names match.

bool expired () const
 Checks to see if the CRL is expired (i.e.
bool has_critical_extensions () const
Valid validate (const WvX509 &cacert) const
 Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired.
WvString get_aki () const
 Get the Authority key Info.
WvString get_issuer () const
 Get the CRL Issuer.
bool isok () const
 Do we have any errors.
WvString encode (const DumpMode mode) const
 Return the information requested by mode as a WvString.
void encode (const DumpMode mode, WvBuf &buf) const
void decode (const DumpMode mode, WvStringParm encoded)
 Load the information from the format requested by mode into the class - this overwrites the CRL.
void decode (const DumpMode mode, WvBuf &encoded)
bool isrevoked (const WvX509 &cert) const
 Is the certificate in cert revoked?
bool isrevoked (WvStringParm serial_number) const
void addcert (const WvX509 &cert)
 Add the certificate specified by cert to the CRL.
int numcerts () const
 Counts the number of certificates in this CRL.

Member Enumeration Documentation

Type for validate() method: ERROR = there was an error that happened.

VALID = the certificate is valid NOT_THIS_CA = the certificate is not signed by this CA NO_VALID_SIGNATURE = the certificate claims to be signed by this CA (Issuer is the same), but the signature is invalid.

Definition at line 91 of file wvcrl.h.


Member Function Documentation

bool WvCRL::expired (  )  const

Checks to see if the CRL is expired (i.e.

: the present time is past the nextUpdate extension).

  • returns true if CRL has expired.

Definition at line 108 of file wvcrl.cc.

Referenced by validate().

WvCRL::Valid WvCRL::validate ( const WvX509 cacert  )  const

Checks to see that a CRL is signed and issued by a CA certificate, and that it has not expired.

  • returns a validity status. Get the Authority key Info

Definition at line 370 of file wvcrl.cc.

References expired(), issuedbyca(), and signedbyca().

bool WvCRL::isok (  )  const

Do we have any errors.

.. convenience function..

Definition at line 61 of file wvcrl.cc.

int WvCRL::numcerts (  )  const

Counts the number of certificates in this CRL.

WARNING: this method will be very slow and will consume a lot of memory for large CRLs.

Definition at line 392 of file wvcrl.cc.


The documentation for this class was generated from the following files:

Generated on Fri Jul 18 13:09:27 2008 for WvStreams by  doxygen 1.5.6