/usr/include/wvstreams/wvcrl.h is in libwvstreams-dev 4.6.1-11.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 | /* -*- Mode: C++ -*-
* Worldvisions Weaver Software:
* Copyright (C) 1997-2007 Net Integration Technologies, Inc. and others.
*
* X.509v3 CRL management class.
*/
#ifndef __WVCRL_H
#define __WVCRL_H
#include "wverror.h"
#include "wvlog.h"
#include "wvx509.h"
// Structures to make the compiler happy so we don't have to include x509v3.h ;)
struct X509_crl_st;
typedef struct X509_crl_st X509_CRL;
struct ssl_ctx_st;
typedef struct ssl_ctx_st SSL_CTX;
struct asn1_string_st;
typedef struct asn1_string_st ASN1_INTEGER;
class WvX509Mgr;
/**
* CRL Class to handle certificate revocation lists and their related
* functions
*/
class WvCRL
{
public:
/**
* Type for the @ref encode() and @ref decode() methods:
* CRLPEM = PEM Encoded X.509 CRL
* CRLDER = DER Encoded X.509 CRL
* CRLFilePEM = PEM Encoded X.509 CRL
* CRLFileDER = DER Encoded X.509 CRL
*/
enum DumpMode { CRLPEM = 0, CRLDER, CRLFilePEM, CRLFileDER };
/**
* Initialize a blank (null) CRL object.
*/
WvCRL();
/**
* Initialize a CRL object, signed and created by the certificate
* 'ca'.
*/
WvCRL(const WvX509Mgr &ca);
/** Destructor */
virtual ~WvCRL();
/** Accessor for CRL */
X509_CRL *getcrl()
{ return crl; }
/**
* Check the CRL in crl against the CA certificate in cert
* - returns true if CRL was signed by that CA certificate.
*/
bool signedbyca(const WvX509 &cacert) const;
/**
* Check the issuer name of the CRL in crl against the CA certificate in cert
* - returns true if the names match.
*/
bool issuedbyca(const WvX509 &cacert) const;
/**
* Checks to see if the CRL is expired (i.e.: the present time is past the
* nextUpdate extension).
* - returns true if CRL has expired.
*/
bool expired() const;
/*
* Checks to see if the CRL has any critical extensions in it.
* - returns true if the CRL has any critical extensions.
*/
bool has_critical_extensions() const;
/**
* Type for @ref validate() method:
* ERROR = there was an error that happened..
* VALID = the certificate is valid
* NOT_THIS_CA = the certificate is not signed by this CA
* NO_VALID_SIGNATURE = the certificate claims to be signed by this CA (Issuer is the same),
* but the signature is invalid.
*/
enum Valid { CRLERROR = -1, VALID, NOT_THIS_CA, NO_VALID_SIGNATURE,
EXPIRED, UNHANDLED_CRITICAL_EXTENSIONS };
/**
* Checks to see that a CRL is signed and issued by a CA certificate, and
* that it has not expired.
* - returns a validity status.
* Get the Authority key Info
*/
Valid validate(const WvX509 &cacert) const;
/**
* Get the Authority key Info
*/
WvString get_aki() const;
/**
* Get the CRL Issuer.
*/
WvString get_issuer() const;
/**
* Do we have any errors... convenience function..
*/
bool isok() const;
/**
* Return the information requested by mode as a WvString.
*/
WvString encode(const DumpMode mode) const;
void encode(const DumpMode mode, WvBuf &buf) const;
/**
* Load the information from the format requested by mode into
* the class - this overwrites the CRL.
*/
void decode(const DumpMode mode, WvStringParm encoded);
void decode(const DumpMode mode, WvBuf &encoded);
/**
* Is the certificate in cert revoked?
*/
bool isrevoked(const WvX509 &cert) const;
bool isrevoked(WvStringParm serial_number) const;
/**
* Add the certificate specified by cert to the CRL.
*/
void addcert(const WvX509 &cert);
/**
* Counts the number of certificates in this CRL.
* WARNING: this method will be very slow and will consume a lot
* of memory for large CRLs.
*/
int numcerts() const;
private:
mutable WvLog debug;
X509_CRL *crl;
};
#endif // __WVCRL_H
|